Abstract

This paper mainly studies problems about so-called "permutation polynomials modulo $m$", polynomials with integer coefficients¹ that can induce bijections over $\mathbb{Z}_m = \{0, \cdots, m-1\}$. The necessary and sufficient conditions for permutation polynomials are given, and the number of all permutation polynomials of a given degree and the number of induced bijections are estimated. A method is proposed to determine all equivalent polynomials from the induced polynomial function, which can be used to determine all equivalent polynomials that induce a given bijection. A few problems have not been solved yet in this paper and are left for open study.

Note: After finishing the first draft, we noticed that some results obtained in this paper can be proved in other ways (see Remark 2). In this case, this work gives different and independent proofs of related results.
1 Introduction

Integer polynomials that can induce bijections over finite fields, namely permutation polynomials, were first studied in the algebra community [3-9]. Permutation polynomials have been used in cryptography and coding [8,10-18]. This paper studies permutation polynomials modulo an integer, i.e., permutation polynomials over integer rings [6,19-21].

¹In this paper, we always call them "integer polynomials" in short. Note that sometimes another name, "integral polynomial", is used [1, Sec. 7.2]. However, we prefer "integer polynomial" to avoid confusion with the word "integral" as an adjective (see [2]).

Such permutation polynomials have also been used in cryptography and coding recently; for example, in the RC6 block cipher [22] a simple permutation polynomial $f(x) = x(2x+1)$ modulo $2^{32}$ is used.

Assume $f(x) = a_n x^n + \cdots + a_1 x + a_0$ is a polynomial with integer coefficients of degree $n \ge 1$ modulo $m$, where $a_n \not\equiv 0 \pmod m$. It is possible that $f(x)$ forms a bijection over $\mathbb{Z}_m = \{0, \cdots, m-1\}$, i.e., $\forall x_1, x_2 \in \mathbb{Z}_m$ with $x_1 \not\equiv x_2 \pmod m$, $f(x_1) \not\equiv f(x_2) \pmod m$. In other words, $f(\mathbb{Z}_m) = \mathbb{Z}_m$, or a complete system of residues modulo $m$ is permuted by the polynomial $f$. The most common permutation polynomial modulo $m$ is $f(x) = x$. In addition, as a special case, Fermat's little theorem also gives one of the simplest permutation polynomials modulo a prime $p$: $f(x) = x^p$, which satisfies $\forall x \in \mathbb{Z}$, $f(x) \equiv x \pmod p$.

It is well known that many problems on permutation polynomials over finite fields are still open [4,5,7]. Similarly, there are only a few works on permutation polynomials modulo integers, both in the number theory [1,23-27] and algebra communities. In this paper, we try to find answers to the following questions on permutation polynomials modulo $m$, where $m$ may be a prime, a prime power, or a general composite.

• What are the necessary and sufficient conditions for permutation polynomials modulo $m$?

• What is the number of distinct permutation polynomials of degree $\le n$ modulo $m$, and what is the number of distinct bijections induced by these polynomials?

• Is there a practical way to enumerate all permutation polynomials of degree $n$ modulo $m$ given a bijection (or a partial bijection) over $\{0, \cdots, m-1\}$?

At present, the first two questions have been almost solved, but the last one has not been solved at all when the degree of the polynomials is $n \ge p$ modulo $p^d$.

This paper is organized as follows. In the next section, we first give some preliminary definitions and lemmas. Sec. 3 discusses the case of composite moduli, and concludes that permutation polynomials modulo a composite can be studied via permutation polynomials modulo each prime power. In Sec. 4, we discuss the case of prime moduli and give some limited results. Then, in Sec. 5, the general cases modulo $p^d$ ($d > 1$) are studied and some useful results are obtained. Two open problems are raised in Sec. 5 for future study.

2 Preliminaries

This section lists a number of definitions and notations used throughout this paper. Some preliminary lemmas are also given to simplify the discussions in this paper. I try to keep the definitions, notations and lemmas as simple as possible. Please feel free to contact me if you have any idea for making them even simpler, more elegant, more beautiful, and/or more rigorous in mathematics.

2.1 Some Simple Lemmas on Congruences

The following lemmas will be used extensively in this paper without explicit citations.

Lemma 1 If $a \mid b$ and $a \mid m$, then $a \mid (b \bmod m)$.

Proof: From $a \mid b$, $\exists k_1 \in \mathbb{Z}$, $b = a k_1$. From $a \mid m$, $\exists k_2 \in \mathbb{Z}$, $m = a k_2$. Assume $x = (b \bmod m)$; then $\exists k_3 \in \mathbb{Z}$, $x = m k_3 + b = a k_2 k_3 + a k_1 = a(k_1 + k_2 k_3)$. So, $a \mid x$, which proves this lemma. ■

Lemma 2 If $m \mid m'$, then $(a \bmod m') \equiv a \pmod m$.

Proof: From $m \mid m'$, $\exists k_1 \in \mathbb{Z}$, $m' = m k_1$. Assume $x = a \bmod m'$; then $\exists k_2 \in \mathbb{Z}$, $x = m' k_2 + a = m k_1 k_2 + a$. Then, $(a \bmod m') = m k_1 k_2 + a \equiv a \pmod m$. This lemma is proved. ■

Lemma 3 If $a \equiv 0 \pmod{m_1}$ and $b \equiv 0 \pmod{m_2}$, then $ab \equiv 0 \pmod{m_1 m_2}$.

Lemma 4 (Theorem 2.2 in [24]) Assume $f(x) = a_n x^n + \cdots + a_1 x + a_0$ is an integer polynomial. If $x_1 \equiv x_2 \pmod m$, then $f(x_1) \equiv f(x_2) \pmod m$.

Lemma 5 Assume $A$ is an $n \times n$ matrix, $X$ is a vector of $n$ unknown integers, and $B$ is a vector of $n$ integers. If $|A|$ is relatively prime to $m$, i.e., $\gcd(|A|, m) = 1$, then $AX \equiv B \pmod m$ has a unique set of incongruent solutions $X \equiv \bar{\Delta}\,\mathrm{adj}(A)\,B \pmod m$, where $\bar{\Delta}$ is an inverse of $\Delta = |A|$ modulo $m$ and $\mathrm{adj}(A)$ is the adjoint of $A$.

Proof: This lemma is a direct result of Theorem 3.18 in [25] (see pages 151 and 152). ■
2.2 Polynomial Congruences Modulo m

The following definition is from Chap. VII of [1], and related concepts are slightly extended.

Definition 1 Given two integer polynomials of degree $n$: $f(x) = a_n x^n + \cdots + a_1 x + a_0$ and $g(x) = b_n x^n + \cdots + b_1 x + b_0$, if $\forall i = 0 \sim n$, $a_i \equiv b_i \pmod m$, we say $f(x)$ is congruent to $g(x)$ modulo $m$, or $f(x)$ and $g(x)$ are congruent (polynomials) modulo $m$, which is denoted by $f(x) \equiv g(x) \pmod m$. On the other hand, if $\exists i \in \{0, \cdots, n\}$ such that $a_i \not\equiv b_i \pmod m$, we say $f(x)$ and $g(x)$ are incongruent (polynomials) modulo $m$, denoted by $f(x) \not\equiv g(x) \pmod m$.

Definition 2 A polynomial congruence (residue) class modulo $m$ is the set of all polynomials congruent to each other modulo $m$.

Definition 3 A set of polynomials of degree $n$ modulo $m$ is a complete system of polynomial residues of degree $n$ modulo $m$, if for every polynomial of degree $n$ modulo $m$ there is one and only one congruent polynomial in this set.

Lemma 6 The following set of polynomials is a complete system of polynomial residues of degree $n$ modulo $m$:

$$\mathbb{F} = \left\{ f(x) = a_n x^n + \cdots + a_1 x + a_0 \;\middle|\; a_n \in \{1, \cdots, m-1\},\ a_{n-1}, \cdots, a_0 \in \{0, \cdots, m-1\} \right\}.$$

Proof: Assume $f(x) = a_n x^n + \cdots + a_1 x + a_0$ is a polynomial of degree $n$ modulo $m$. Choose $a_i^* = (a_i \bmod m) \in \{0, \cdots, m-1\}$ ($i = 0 \sim n$); then $f^*(x) = a_n^* x^n + \cdots + a_1^* x + a_0^* \in \mathbb{F}$ is congruent to $f(x)$. Assume that another polynomial $g(x) = b_n x^n + \cdots + b_1 x + b_0 \in \mathbb{F}$ is also congruent to $f(x)$. Then, $\forall i = 0 \sim n$, $b_i \equiv a_i^* \pmod m$. Since $\{0, \cdots, m-1\}$ is a complete set of residues modulo $m$, $b_i = a_i^*$. This means that $g(x) = f^*(x)$. This completes the proof of this lemma. ■

Definition 4 A set of polynomials of degree $\le n$ modulo $m$ is a complete system of polynomial residues of degree $\le n$ modulo $m$, if for every polynomial of degree $\le n$ modulo $m$ there is one and only one congruent polynomial in this set.

Lemma 7 The following set of polynomials is a complete system of polynomial residues of degree $\le n$ modulo $m$:

$$\mathbb{F} = \left\{ f(x) = a_n x^n + \cdots + a_1 x + a_0 \;\middle|\; a_n, a_{n-1}, \cdots, a_0 \in \{0, \cdots, m-1\} \right\}.$$

Proof: The proof is similar to that of the above lemma. ■



2.3 Polynomial Functions Modulo m

Definition 5 If a function over $\{0, \cdots, m-1\}$ can be represented by a polynomial modulo $m$, we say this function is polynomial modulo $m$.

Lemma 8 Assume $p$ is a prime. Then, any function over $\{0, \cdots, p-1\}$ is polynomial modulo $p$.



Proof: Assume $f(x) = a_n x^n + \cdots + a_1 x + a_0$ is a polynomial of degree $n \ge p-1$ modulo $p$. Given a function $F : \{0, \cdots, p-1\} \to \{0, \cdots, p-1\}$, one has the following system of congruences:

$$
\begin{bmatrix}
1 & 0 & 0 & \cdots & 0 \\
1 & 1 & 1 & \cdots & 1 \\
1 & 2 & 2^2 & \cdots & 2^{p-1} \\
\vdots & \vdots & \vdots & \ddots & \vdots \\
1 & p-1 & (p-1)^2 & \cdots & (p-1)^{p-1}
\end{bmatrix}
\begin{bmatrix} a_0 \\ a_1 \\ a_2 \\ \vdots \\ a_{p-1} \end{bmatrix}
\equiv
\begin{bmatrix}
F(0) \\
F(1) - \sum_{k=p}^{n} a_k \\
F(2) - \sum_{k=p}^{n} 2^k a_k \\
\vdots \\
F(p-1) - \sum_{k=p}^{n} (p-1)^k a_k
\end{bmatrix}
\pmod p
$$

Since the matrix on the left side is a Vandermonde matrix, one can see that its determinant is relatively prime to $p$. So, for each combination of $a_p, \cdots, a_n$, there is a unique set of incongruent solutions for $a_0, \cdots, a_{p-1}$. Thus this lemma is proved. ■
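The Vandermonde system in the proof above can be solved mechanically. The following Python is an added example, not code from the paper: it builds the matrix of Lemma 8 for a prime $p$ in the case $n = p-1$ (so the sum over $a_p, \cdots, a_n$ on the right-hand side is empty), solves it by Gauss-Jordan elimination modulo $p$ (the adjoint-and-inverse route of Lemma 5 would give the same unique solution), and returns the coefficients $a_0, \cdots, a_{p-1}$ of the polynomial representing a given function. The function names and the sample function are this example's own.

```python
"""Lemma 8 in code: any function on {0, ..., p-1} is a polynomial modulo the
prime p, found by solving the Vandermonde system of the proof.

Added example, not code from the paper. Names (eval_poly_mod, solve_mod_p,
interpolate_mod_p) are this example's own; the sample function is constructed.
"""


def eval_poly_mod(coeffs, x, m):
    """Evaluate a_0 + a_1 x + ... + a_n x^n modulo m, with coeffs[k] = a_k."""
    acc = 0
    for a in reversed(coeffs):          # Horner's rule, reducing at each step
        acc = (acc * x + a) % m
    return acc


def solve_mod_p(matrix, rhs, p):
    """Solve matrix * X = rhs (mod p), p prime, by Gauss-Jordan elimination.

    Lemma 5 guarantees a unique solution when gcd(det, p) = 1; a column with
    no non-zero pivot therefore signals a singular matrix and raises ValueError.
    """
    n = len(matrix)
    aug = [[v % p for v in row] + [rhs[i] % p] for i, row in enumerate(matrix)]
    for col in range(n):
        pivot = next((r for r in range(col, n) if aug[r][col] != 0), None)
        if pivot is None:
            raise ValueError("matrix is singular modulo p")
        aug[col], aug[pivot] = aug[pivot], aug[col]
        inv = pow(aug[col][col], -1, p)          # modular inverse, p prime
        aug[col] = [(v * inv) % p for v in aug[col]]
        for r in range(n):                       # clear the column elsewhere
            if r != col and aug[r][col]:
                factor = aug[r][col]
                aug[r] = [(a - factor * b) % p for a, b in zip(aug[r], aug[col])]
    return [row[n] for row in aug]


def interpolate_mod_p(F, p):
    """Coefficients a_0, ..., a_{p-1} with f(x) == F[x] (mod p) for all x in Z_p.

    F is the function given as a list of values; this is the n = p-1 case of
    the proof, where the sum over a_p, ..., a_n on the right-hand side is empty.
    """
    vandermonde = [[pow(x, j, p) for j in range(p)] for x in range(p)]
    return solve_mod_p(vandermonde, [F[x] for x in range(p)], p)


if __name__ == "__main__":
    p = 5
    F = [3, 1, 4, 1, 0]                 # constructed sample function on Z_5
    coeffs = interpolate_mod_p(F, p)
    assert all(eval_poly_mod(coeffs, x, p) == F[x] for x in range(p))
    print("a_0..a_4 =", coeffs)
```

Because the Vandermonde determinant is a unit modulo $p$, the elimination never meets a zero pivot for a prime modulus; the `ValueError` branch only fires if the function is called with a matrix that is singular modulo $p$.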
2.4 Equivalent Polynomials Modulo m

The concept of equivalent polynomials modulo $m$ is used to describe incongruent but equivalent (for any integer) polynomials modulo $m$. Note that some researchers call them "residually congruent polynomials modulo $m$" [28,29].

Definition 6 Two integer polynomials $f(x)$ and $g(x)$ are equivalent (polynomials) modulo $m$ if $\forall x \in \mathbb{Z}$, $f(x) \equiv g(x) \pmod m$.

Note that two equivalent polynomials modulo $m$ may not be congruent modulo $m$, and may have distinct degrees. As a typical example, when $p$ is a prime, $f(x) = x^p$ and $g(x) = x$ are equivalent polynomials modulo $p$.

Lemma 9 Two polynomials of degree 1 modulo $m$, $f(x) = a_1 x + a_0$ and $g(x) = b_1 x + b_0$, are equivalent polynomials modulo $m$ if and only if $f(x) \equiv g(x) \pmod m$, i.e., $a_1 \equiv b_1 \pmod m$ and $a_0 \equiv b_0 \pmod m$.

Proof: The "if" part is obvious from the definition of equivalent polynomials modulo $m$, so we focus on the "only if" part. Since $f(x)$ and $g(x)$ are equivalent polynomials modulo $m$, $\forall x \in \{0, \cdots, m-1\}$, $f(x) - g(x) = (a_1 - b_1)x + (a_0 - b_0) \equiv 0 \pmod m$. Choosing $x \equiv 0 \pmod m$, one has $a_0 \equiv b_0 \pmod m$. Then, choosing $x \equiv 1 \pmod m$, one has $a_1 \equiv b_1 \pmod m$. Thus this lemma is proved. ■

Lemma 10 If two polynomials, $f(x) = a_{n_1} x^{n_1} + \cdots + a_0$ and $g(x) = b_{n_2} x^{n_2} + \cdots + b_0$, are equivalent polynomials modulo $m$, then $a_0 \equiv b_0 \pmod m$.

Proof: Choosing $x = 0$, one has $f(x) - g(x) = a_0 - b_0 \equiv 0 \pmod m$. This lemma is proved. ■

Corollary 1 Two polynomials, $f(x) = a_n x^n + \cdots + a_1 x + a_0$ and $g(x) = a_n x^n + \cdots + a_1 x + b_0$, are equivalent polynomials modulo $m$ if and only if $a_0 \equiv b_0 \pmod m$.

Lemma 11 Assume $p$ is a prime and $d \ge 1$. Two polynomials, $f(x) = a_{p-1} x^{p-1} + \cdots + a_0$ and $g(x) = b_{p-1} x^{p-1} + \cdots + b_0$, are equivalent polynomials modulo $p^d$ if and only if $f(x) \equiv g(x) \pmod{p^d}$.

Proof: The "if" part is obviously true from the definition of equivalent polynomials modulo $p^d$. So, we focus on the "only if" part only. From $f(x) - g(x) \equiv 0 \pmod{p^d}$, choosing $x = 0 \sim p-1$, one can get the following system of congruences in the matrix form $A X_{a-b} \equiv B \pmod{p^d}$:
$$
\begin{bmatrix}
1 & 0 & 0 & \cdots & 0 \\
1 & 1 & 1 & \cdots & 1 \\
1 & 2 & 2^2 & \cdots & 2^{p-1} \\
\vdots & \vdots & \vdots & \ddots & \vdots \\
1 & p-1 & (p-1)^2 & \cdots & (p-1)^{p-1}
\end{bmatrix}
\begin{bmatrix} a_0 - b_0 \\ a_1 - b_1 \\ a_2 - b_2 \\ \vdots \\ a_{p-1} - b_{p-1} \end{bmatrix}
\equiv
\begin{bmatrix} f(0) - g(0) \\ f(1) - g(1) \\ f(2) - g(2) \\ \vdots \\ f(p-1) - g(p-1) \end{bmatrix}
\pmod{p^d}
$$

Since $A$ is a Vandermonde matrix, one can get $|A| = \prod_{0 \le i < j \le p-1} (j - i)$ [30, §4.4]. Since $p$ is a prime and $1 \le (j - i) \le p-1$, one has $\gcd(|A|, p^d) = 1$. Thus, the above system of congruences has a unique set of incongruent solutions. So, $\forall i = 0 \sim p-1$, one has $a_i \equiv b_i \pmod{p^d}$. This completes the proof of this lemma. ■

Note that in the above lemma $f(x)$ and $g(x)$ may be polynomials of degree less than $p-1$ modulo $p^d$. In this case, the matrix on the left side of the system of congruences may have a smaller size, but its determinant is still relatively prime to $p^d$.

Corollary 2 Assume $p$ is a prime. Two polynomials, $f(x) = a_n x^n + \cdots + a_0$ and $g(x) = b_n x^n + \cdots + b_0$, are equivalent polynomials modulo $p$ if and only if $(f(x) \bmod (x^p - x)) \equiv (g(x) \bmod (x^p - x)) \pmod p$.

Proof: This corollary is a direct result of the above lemma and Fermat's Little Theorem. ■
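Corollary 2 gives a canonical form for equivalence modulo a prime: reduce the coefficients modulo $p$ and the polynomial modulo $x^p - x$, which brings every exponent down to at most $p-1$. The Python below is an added example (not the paper's own code) that computes this reduced form and compares it with the direct check of Definition 6 over the complete residue system $\{0, \cdots, p-1\}$ (sufficient by Lemma 4); the function names and sample polynomials are this example's own.

```python
"""Corollary 2 in code: two integer polynomials are equivalent modulo a prime p
exactly when they agree after reducing coefficients modulo p and the
polynomial modulo x^p - x.

Added example, not code from the paper. A polynomial is a list with
coeffs[k] = a_k; the function names and sample polynomials are this example's own.
"""


def reduce_mod_xp_minus_x(coeffs, p):
    """Coefficients of (f(x) mod (x^p - x)) mod p, i.e. of degree <= p-1.

    Because x^p == x modulo x^p - x, an exponent e >= p collapses to
    ((e - 1) mod (p - 1)) + 1, which lies in {1, ..., p-1}; exponents below p
    are kept as they are.
    """
    reduced = [0] * p
    for e, a in enumerate(coeffs):
        target = e if e < p else ((e - 1) % (p - 1)) + 1
        reduced[target] = (reduced[target] + a) % p
    return reduced


def equivalent_mod_p(f, g, p):
    """Corollary 2: compare the canonical reduced forms."""
    return reduce_mod_xp_minus_x(f, p) == reduce_mod_xp_minus_x(g, p)


def equivalent_by_evaluation(f, g, p):
    """Definition 6 checked directly on the complete residue system Z_p."""
    def ev(c, x):
        return sum(a * pow(x, k, p) for k, a in enumerate(c)) % p
    return all(ev(f, x) == ev(g, x) for x in range(p))


if __name__ == "__main__":
    p = 5
    f = [0, 0, 0, 0, 0, 1]               # x^5
    g = [0, 1]                           # x; Fermat: x^5 == x (mod 5)
    h = [2, 3, 0, 0, 0, 0, 0, 0, 4]      # 2 + 3x + 4x^8, and x^8 == x^4 (mod x^5 - x)
    assert equivalent_mod_p(f, g, p) and equivalent_by_evaluation(f, g, p)
    print(reduce_mod_xp_minus_x(h, p))   # [2, 3, 0, 0, 4]
```

The reduced form is what Lemma 11 (with $d = 1$) says is unique: two polynomials of degree $\le p-1$ are equivalent modulo $p$ only if they are congruent, so comparing the reduced coefficient lists is an exact test.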
2.5 Permutation Polynomials Modulo m

Definition 7 Assume $f(x) = a_n x^n + \cdots + a_1 x + a_0$ is a polynomial of degree $n \ge 1$ modulo $m$, where $a_n \not\equiv 0 \pmod m$. If $f(x) = ((a_n x^n + \cdots + a_1 x + a_0) \bmod m)$ forms a bijection $F : \{0, \cdots, m-1\} \to \{0, \cdots, m-1\}$, we say that $f(x)$ is a permutation polynomial modulo $m$, or $f(x)$ is permutation modulo $m$. The bijection $F$ is called the induced bijection of the polynomial $f(x)$ modulo $m$.

Definition 8 If two permutation polynomials are equivalent modulo $m$, we say they are equivalent permutation polynomials modulo $m$. It is obvious that equivalent permutation polynomials modulo $m$ induce the same bijection over $\{0, \cdots, m-1\}$.

Lemma 12 A polynomial $f(x)$ is a permutation polynomial modulo $m$ if and only if $g(x) = a f(x) + b$ is a permutation polynomial modulo $m$, where $\gcd(a, m) = 1$ and $b \in \mathbb{Z}$.

Proof: This lemma is a direct result of Theorem 3.6 in [25] on complete systems of residues modulo $m$. ■

Lemma 13 Two polynomials, $f(x) = a_{n_1} x^{n_1} + \cdots + a_1 x + a_0$ and $g(x) = b_{n_2} x^{n_2} + \cdots + b_1 x + b_0$, are equivalent permutation polynomials modulo $m$ if and only if $f^*(x) = a_{n_1} x^{n_1} + \cdots + a_1 x$ and $g^*(x) = b_{n_2} x^{n_2} + \cdots + b_1 x$ are equivalent permutation polynomials modulo $m$ and $a_0 \equiv b_0 \pmod m$.

Proof: This lemma is a direct result of Lemmas 10 and 12. ■

From the above two lemmas, we need only study permutation polynomials of the form $f(x) = a_n x^n + \cdots + a_1 x$.

Lemma 14 If $f(x) \equiv g(x) \pmod m$ and $f(x)$ is a permutation polynomial modulo $m$, then $g(x)$ is an equivalent permutation polynomial of $f(x)$ modulo $m$.

Proof: Since $f(x) \equiv g(x) \pmod m$, $\forall a \in \mathbb{Z}$, $f(a) \equiv g(a) \pmod m \Rightarrow f(a) \bmod m = g(a) \bmod m$, i.e., $F(a) = G(a)$. So $g(x)$ generates the same bijection as $f(x)$. This completes the proof. ■

Theorem 1 The polynomial $f(x) = a_1 x + a_0$ is a permutation polynomial modulo $m$ if and only if $\gcd(a_1, m) = 1$.

Proof: Assume $G = \langle 1 \rangle$ is a cyclic group of order $m$. From Theorem 3.24 in [31] (or Theorem 2 in §2.3 of [32]), $a_1 = 1^{a_1}$ is a generator of $G$ if and only if $\gcd(a_1, m) = 1$. Note that in the group $G$ the binary operator is defined as addition modulo $m$. It is obvious that $a_1$ is a generator of $G$ if and only if $f^*(x) = a_1 x$ is a permutation polynomial modulo $m$. Then from Lemma 12, this theorem is proved. ■

Corollary 3 The number of congruence classes of permutation polynomials $f(x) = a_1 x + a_0$ of degree 1 modulo $m$ is $\phi(m) m$. The number of bijections induced by these permutation polynomials is also $\phi(m) m$.

Proof: From Theorem 1, $a_1$ should satisfy $\gcd(a_1, m) = 1$, but $a_0$ can be any integer, so the number of congruence classes of permutation polynomials of degree 1 modulo $m$ is $\phi(m) m$. From Lemma 9, the $\phi(m) m$ permutation polynomials are not equivalent to each other, so they induce $\phi(m) m$ distinct bijections. ■

Definition 9 Given a bijection $F : A \to A$. If for a set $B \subset A$, $F(B) = B$, then $F_B = \{(a, b) \in F \mid a, b \in B\} \subset F$ is a bijection over $B$, and we say the bijection $F_B : B \to B$ is a sub-bijection of $F$, and $F$ is a super-bijection of $F_B$.

Lemma 15 Given a bijection $F : A \to A$. If $F_B : B \to B$ is a sub-bijection of $F$, then $F_{A \setminus B} : A \setminus B \to A \setminus B$ is also a sub-bijection of $F$.

Proof: Assume that $\exists a \in A \setminus B$, $F(a) \in B$. Since $F_B$ is a bijection over $B$, $F(a)$ has one and only one preimage in $B$. However, it is obvious that $a \notin B$ is also a preimage of $F(a)$. We get a contradiction. So, $\forall x \in A \setminus B$, $F(x) \in A \setminus B$. This means that $F_{A \setminus B}$ is a sub-bijection of $F$ over $A \setminus B$. ■
2.6 Null Polynomials Modulo m

This concept was introduced in [33], and also studied by others without a special name [28,29]. Here, we just give the definition and some simple lemmas on null polynomials modulo $m$. For more advanced results, see [33].

Definition 10 A polynomial $f(x)$ of degree $n \ge 0$ modulo $m$ is a null polynomial of degree $n$ modulo $m$, if $\forall x \in \mathbb{Z}$, $f(x) \equiv 0 \pmod m$. Specially, $f(x) = 0$ is a trivial null polynomial of degree 0 modulo $m$.

Lemma 16 If $f(x) = a_n x^n + \cdots + a_1 x + a_0$ is a null polynomial modulo $m$, then $a_0 \equiv 0 \pmod m$.

Lemma 17 Given any null polynomial $f(x)$ modulo $m$, $a f(x)$ will still be a null polynomial modulo $m$, where $a$ is an arbitrary integer.

Lemma 18 A polynomial $f(x)$ is a null polynomial modulo $m$ if and only if $a f(x)$ is a null polynomial modulo $m$, where $\gcd(a, m) = 1$.

Lemma 19 If $f(x)$ is a null polynomial modulo $m$ and $a \mid m$, then $f(x)$ is still a null polynomial modulo $a$.

The most frequently used form of the above lemma is as follows: if $f(x)$ is a null polynomial modulo $p^d$, then $f(x)$ is still a null polynomial modulo $p^i$ for any integer $i \le d$.

Lemma 20 Two polynomials, $f_1(x)$ and $f_2(x)$, are equivalent polynomials modulo $m$ if and only if $f_1(x) - f_2(x)$ is a null polynomial modulo $m$.

Definition 11 Denote the least integer $n \ge 1$ such that there exists a null polynomial of degree $n$ modulo $m$ by $\omega_0(m)$ and call it the least null-polynomial degree modulo $m$. Denote the least integer $n \ge 1$ such that there exists a monic null polynomial of degree $n$ modulo $m$ by $\omega_1(m)$ and call it the least monic null-polynomial degree modulo $m$. A (monic) null polynomial of degree $\omega_0(m)$ or $\omega_1(m)$ is called a least-degree (monic) null polynomial modulo $m$.

Lemma 21 Every polynomial of degree $\ge \omega_1(m)$ modulo $m$ has an equivalent polynomial of degree $\le \omega_1(m) - 1$ modulo $m$.

2.7 Circular Shift of an Integer Set Modulo m (New)

Definition 12 The $k$-th circular shift of an integer set $A$ modulo $m$ is defined by $\{x \mid x = (y + k) \bmod m,\ y \in A\}$ and denoted by $[(A + k) \bmod m]$ in this paper.

Lemma 22 If $A_1, \cdots, A_k$ is a partition of the integer set $A = \{0, \cdots, m-1\}$, then $\forall a \in \mathbb{Z}$, $[(A_1 + a) \bmod m], \cdots, [(A_k + a) \bmod m]$ is still a partition of $A$.

Proof: Since $A_1, \cdots, A_k$ is a partition of $A$, one has $\bigcup_{i=1}^{k} A_i = \{0, \cdots, m-1\}$. Then, $\bigcup_{i=1}^{k} [(A_i + a) \bmod m] = \bigcup_{i=1}^{k} \{x \mid x = (y + a) \bmod m,\ y \in A_i\} = \{x \mid x = (y + a) \bmod m,\ y \in \bigcup_{i=1}^{k} A_i\} = \{x \mid x = (y + a) \bmod m,\ y \in A\}$. Since $A$ is a complete system of residues modulo $m$, $\forall x_0 \in A$ and $\forall a \in \mathbb{Z}$, $\exists y_0 \in A$, $x_0 - a \equiv y_0 \pmod m \Leftrightarrow x_0 \equiv y_0 + a \pmod m$. Since $x_0 \in A$, i.e., $0 \le x_0 \le m-1$, one has $x_0 = (y_0 + a) \bmod m$. This means $\forall x_0 \in A$, $x_0 \in \bigcup_{i=1}^{k} [(A_i + a) \bmod m] = \{x \mid x = (y + a) \bmod m,\ y \in A\}$. So $\bigcup_{i=1}^{k} [(A_i + a) \bmod m] = A$.

On the other hand, since $A_1, \cdots, A_k$ is a partition of $A$, $\forall y_1 \in A_i$ and $\forall y_2 \in A_j$ ($i \ne j$), one has $y_1 \ne y_2$. Considering that $A$ is a complete system of residues modulo $m$, one immediately gets $y_1 \not\equiv y_2 \pmod m \Rightarrow (y_1 + a) \not\equiv (y_2 + a) \pmod m \Rightarrow (y_1 + a) \bmod m \ne (y_2 + a) \bmod m$. This means $[(A_i + a) \bmod m] \cap [(A_j + a) \bmod m] = \emptyset$.

The above two results prove this lemma. ■

2.8 Base-p Resolution (New)

Definition 13 The base-$p$ resolution of an integer $a$ is an integer $i \ge 0$ such that $p^i \,\|\, a$, i.e., $p^i \mid a$ but $p^{i+1} \nmid a$. Specially, define the base-$p$ resolution of $0$ as $+\infty$. When $p = 2$, the base-$p$ resolution is also called the binary resolution.

Notation 1 The set of all integers of base-$p$ resolution $i$ is denoted by $\mathbb{Z}(i|p)$. The set of all elements in $A$ of base-$p$ resolution $i$ is denoted by $A(i|p)$. The set of all elements in $A$ of base-$p$ resolution $i \ge a$ is denoted by $A(\ge a|p)$; similarly, we can define $A(\le a|p)$ and $A(\ne a|p)$. The set of all elements in $A$ of base-$p$ resolution $a \le i \le b$ is denoted by $A(a \leftrightarrow b|p)$. The set of all elements in $A$ of base-$p$ resolution $i \in \{i_1, \cdots, i_k\}$ is denoted by $A(i_1, \cdots, i_k|p)$. In the above notations, the subscript "$p$" denotes the base (radix) of the resolution.

Apparently, $a \in \mathbb{Z}(\ge i|p) \Leftrightarrow p^i \mid a \Leftrightarrow a \equiv 0 \pmod{p^i}$.

Definition 14 The base-$p$ multi-resolution partition of the integer set $\mathbb{Z}$ is a collection of the following sets: $\{\mathbb{Z}(i|p)\}_{i=0}^{+\infty}$. The base-$p$ multi-resolution partition of an integer set $A$ is a collection of the following $(k_{\max} - k_{\min} + 2)$ sets: $A(k_{\min}|p), \cdots, A(k_{\max}|p)$ and $A(+\infty|p) = \{0\}$, where $k_{\min}$ and $k_{\max}$ denote the minimal and the maximal base-$p$ resolution of all non-zero integers in $A$.

Specially, the base-$p$ multi-resolution partition of $A = \{0, \cdots, p^d - 1\}$ is a collection of the following $d + 1$ sets: $A(0|p), \cdots, A(d-1|p)$ and $A(+\infty|p) = \{0\}$.

Definition 15 Assume the base-$p$ resolution of an integer $a \ne 0$ is $i \ge 0$; then the base-$p$ representation of $a$ is a sequence of integers $a_0, \cdots, a_i$ such that $a = \sum_{j=0}^{i} a_j p^j$ and $a_j \in \{0, \cdots, p-1\}$, denoted by $a = (a_i \cdots a_0)_p$. Specially, the base-$p$ representation of $0$ is $(0)_p$. The $j$-th integer in the base-$p$ representation of $a$ is called the $j$-th base-$p$ digit, or the $j$-th digit of base $p$, or the $j$-th digit in short if the base is well defined in the context.

It is obvious that the base-$p$ representation of an integer is unique and $a_j = \lfloor a / p^j \rfloor \bmod p$.
2.9 Determinants of Some Special Matrices

Lemma 23 Assume $m \ge 1$. Given a $2m \times 2m$ matrix $A = \begin{bmatrix} A_1 \\ A_2 \end{bmatrix}$, where $A_1 = \left[X_i^{j-1}\right]_{1 \le i \le m,\ 1 \le j \le 2m}$ and $A_2 = \left[j X_i^{j-1}\right]_{1 \le i \le m,\ 1 \le j \le 2m}$, i.e.,

$$
A = \begin{bmatrix}
1 & X_1 & \cdots & X_1^{m-1} & X_1^{m} & \cdots & X_1^{2m-1} \\
\vdots & \vdots & & \vdots & \vdots & & \vdots \\
1 & X_m & \cdots & X_m^{m-1} & X_m^{m} & \cdots & X_m^{2m-1} \\
1 & 2X_1 & \cdots & m X_1^{m-1} & (m+1) X_1^{m} & \cdots & 2m X_1^{2m-1} \\
\vdots & \vdots & & \vdots & \vdots & & \vdots \\
1 & 2X_m & \cdots & m X_m^{m-1} & (m+1) X_m^{m} & \cdots & 2m X_m^{2m-1}
\end{bmatrix}.
$$

Then $|A| = (-1)^{m(m-1)/2} \prod_{i=1}^{m} X_i \prod_{1 \le i < j \le m} (X_i - X_j)^4$.

Proof: A proof can be found in [34], or in [35] (as a special case of Theorem 20). ■

Corollary 4 Assume $m \ge 1$. Given a $2m \times 2m$ matrix $A = \begin{bmatrix} A_1 \\ A_2 \end{bmatrix}$, where $A_1 = \left[X_i^{(\cdot)}\right]_{1 \le i \le m,\ 1 \le j \le 2m}$ and $A_2 = \left[(j+1) X_i^{j}\right]_{1 \le i \le m,\ 1 \le j \le 2m}$. Then $|A| = (-1)^{(\cdot)} \prod_{i=1}^{m} X_i^{(\cdot)} \prod_{1 \le i < j \le m} (X_i - X_j)^{(\cdot)}$. (The exponents marked $(\cdot)$ are illegible in the source.)

Lemma 24 Assume $m \ge 1$, $n \ge l \ge 1$ and $A$ is a block-wise $ml \times ml$ matrix

$$A = \begin{bmatrix} A_1 \\ A_2 \\ \vdots \\ A_m \end{bmatrix},$$

where for $i = 1 \sim m$, $A_i$ is an $l \times ml$ block $\left[ \binom{(\cdot)}{k-1} X_i^{(\cdot)} \right]_{1 \le k \le l,\ 1 \le j \le ml}$ whose $k$-th row consists of binomial multiples of powers of $X_i$. Then $|A| = \prod_{i=1}^{m} (\cdot) \prod_{1 \le i < j \le m} (X_i - X_j)^{(\cdot)}$. (The block entries and the exponents marked $(\cdot)$ are illegible in the source.)

3 Permutation Polynomials modulo $m = p_1^{d_1} \cdots p_r^{d_r}$

The theorems given in this section say that we can focus our study on permutation polynomials modulo primes and prime powers.

Theorem 2 Assume $p_1, \cdots, p_r$ are $r$ distinct prime numbers and $d_1, \cdots, d_r \ge 1$. A polynomial $f(x)$ is a permutation polynomial modulo $m = \prod_{i=1}^{r} p_i^{d_i}$ if and only if $\forall i = 1 \sim r$, $f(x)$ is a permutation polynomial modulo $p_i^{d_i}$.

Proof: To simplify the following proof, $\forall i = 1 \sim r$, assume $P_i = p_i^{d_i}$ and $\bar{P}_i = m / P_i$. Since $p_1, \cdots, p_r$ are all primes, it is obvious that $\gcd(P_i, \bar{P}_i) = 1$. In addition, assume $M = \{0, \cdots, m-1\}$, and $\forall i = 1 \sim r$, $M_i = \{0, \cdots, P_i - 1\}$ and $\bar{M}_i = \{0, \cdots, \bar{P}_i - 1\}$.

First, $\forall i = 1 \sim r$, let us prove the "only if" part. $\forall a \in \bar{M}_i$, assume $A = \{x \mid x \in M,\ x \equiv a \pmod{\bar{P}_i}\} = \{\bar{P}_i y + a \mid y \in M_i\}$. Since $f(x)$ is a permutation polynomial modulo $m = P_i \bar{P}_i$, $\forall y_1, y_2 \in A$ and $y_1 \ne y_2$, one has $f(y_1) \not\equiv f(y_2) \pmod{P_i}$ or $f(y_1) \not\equiv f(y_2) \pmod{\bar{P}_i}$, otherwise it conflicts with part 3) of Theorem 2.3 in [24] (i.e., Property IX in §15 of [27]). Since $y_1 \equiv y_2 \equiv a \pmod{\bar{P}_i}$, one has $f(y_1) \equiv f(y_2) \pmod{\bar{P}_i}$, and so one immediately knows $f(y_1) \not\equiv f(y_2) \pmod{P_i}$. From Theorem 1, since $\gcd(\bar{P}_i, P_i) = 1$, $g(y) = \bar{P}_i y + a$ is a permutation polynomial modulo $P_i$. This means that $A$ is a complete system of residues modulo $P_i$. This leads to the result that $f(x)$ is a permutation polynomial modulo $P_i$.

Next, we prove the "if" part. Given $r$ integers $a_1 \in M_1, \cdots, a_r \in M_r$, construct the system of $r$ simultaneous congruences, $i = 1 \sim r$: $f(x) \equiv a_i \pmod{P_i}$. From the Chinese Remainder Theorem, there is exactly one solution of $f(x)$ in each complete system of residues modulo $m$. Since $f(x)$ is a permutation polynomial modulo each $P_i$, we can construct $m = \prod_{i=1}^{r} P_i$ systems of $r$ simultaneous congruences, and get $m$ distinct solutions of $f(x)$ in each complete system of residues modulo $m$. Considering that there are only $m$ elements in each complete system of residues modulo $m$, one can immediately deduce that $f(x)$ is also a permutation polynomial modulo $m$. ■

Theorem 3 Assume $p_1, \cdots, p_r$ are $r$ distinct prime numbers, $d_1, \cdots, d_r \ge 1$ and $m = \prod_{i=1}^{r} p_i^{d_i}$. If $f_1(x), \cdots, f_r(x)$ are permutation polynomials modulo $p_1^{d_1}, \cdots, p_r^{d_r}$, respectively, then there exists one and only one permutation polynomial $f(x)$ modulo $m$ in each complete system of polynomial residues modulo $m$, such that $f(x) \equiv f_i(x) \pmod{p_i^{d_i}}$ holds for $i \in \{1, \cdots, r\}$.

Proof: Applying the Chinese remainder theorem to each coefficient of the polynomials, one can immediately prove this theorem. ■
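Theorems 2 and 3 reduce everything to prime powers, and both directions are easy to exercise. The following Python is an added example rather than the paper's own code: it decides Definition 7 directly, decides it factor by factor as Theorem 2 allows, and assembles the polynomial of Theorem 3 from one permutation polynomial per prime power by applying the Chinese Remainder Theorem to each coefficient. The function names, the trial-division factoriser and the sample polynomials modulo 4 and 3 are this example's own.

```python
"""Theorems 2 and 3 in code: permutation polynomials modulo a composite m can
be checked, and built, one prime power at a time.

Added example, not code from the paper. A polynomial is a list with
coeffs[k] = a_k; the names and sample polynomials are this example's own.
"""


def eval_poly_mod(coeffs, x, m):
    """Evaluate the polynomial at x modulo m by Horner's rule."""
    acc = 0
    for a in reversed(coeffs):
        acc = (acc * x + a) % m
    return acc


def is_permutation_polynomial(coeffs, m):
    """Definition 7 checked directly: f permutes the residues {0, ..., m-1}."""
    return len({eval_poly_mod(coeffs, x, m) for x in range(m)}) == m


def prime_power_factors(m):
    """Return [(p, d), ...] with m = prod p^d (trial division; m is small here)."""
    factors, p = [], 2
    while p * p <= m:
        d = 0
        while m % p == 0:
            m //= p
            d += 1
        if d:
            factors.append((p, d))
        p += 1
    if m > 1:
        factors.append((m, 1))
    return factors


def is_permutation_polynomial_via_factors(coeffs, m):
    """Theorem 2: permutation modulo m  <=>  permutation modulo every p^d || m."""
    return all(is_permutation_polynomial(coeffs, p ** d)
               for p, d in prime_power_factors(m))


def crt_combine_polynomials(polys, moduli):
    """Theorem 3: the polynomial modulo m = prod(moduli) (pairwise coprime)
    that is coefficient-wise congruent to each given polynomial modulo its
    modulus, built by the standard CRT reconstruction on every coefficient."""
    m = 1
    for q in moduli:
        m *= q
    n = max(len(c) for c in polys)
    combined = []
    for k in range(n):
        a_k = 0
        for coeffs, q in zip(polys, moduli):
            a = coeffs[k] if k < len(coeffs) else 0
            q_bar = m // q                        # coprime to q
            a_k += a * q_bar * pow(q_bar, -1, q)  # a * q_bar * (q_bar^-1 mod q)
        combined.append(a_k % m)
    return combined


if __name__ == "__main__":
    f1 = [0, 1, 2]        # x + 2x^2 permutes Z_4 (constructed sample)
    f2 = [0, 2]           # 2x permutes Z_3 (constructed sample)
    f = crt_combine_polynomials([f1, f2], [4, 3])
    print("f =", f, "permutes Z_12:", is_permutation_polynomial(f, 12))
```

For the sample, the combined polynomial is $5x + 6x^2$, which is $\equiv x + 2x^2 \pmod 4$ and $\equiv 2x \pmod 3$ coefficient by coefficient, and Theorem 2 then says it must permute $\mathbb{Z}_{12}$ without any further computation.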



4 Permutation Polynomials modulo p

It is natural to connect Fermat's Little Theorem with permutation polynomials, since this theorem actually says that there always exists a permutation polynomial $f(x) = x^p$ of degree $p$ modulo a prime $p$ such that $\forall x \in \mathbb{Z}$, $f(x) \equiv x \pmod p$. However, the original Fermat's Little Theorem says nothing about how many permutation polynomials there are and how to calculate other permutation polynomials (if any). We have an enhanced version to answer this question.

Theorem 4 Assume $p$ is a prime. There exist $(p-1)p!$ congruence classes of permutation polynomials of degree $p$ modulo $p$. For each given bijection over $\{0, \cdots, p-1\}$, there exist $p-1$ congruence classes of permutation polynomials of degree $p$ modulo $p$. Specially, there exists a permutation polynomial $f(x) = x^p$ such that $\forall x \in \mathbb{Z}$, $f(x) \equiv x \pmod p$.



Proof: Assume $f(x) = a_p x^p + a_{p-1} x^{p-1} + \cdots + a_1 x + a_0$, where $a_p \not\equiv 0 \pmod p$. Choosing $x = 0, 1, \cdots, p-1$ respectively, one can get the following $p$ congruences modulo $p$:

$$
\begin{aligned}
a_p \cdot 0^p + a_{p-1} \cdot 0^{p-1} + \cdots + a_1 \cdot 0 + a_0 &\equiv f(0) \pmod p \\
a_p \cdot 1^p + a_{p-1} \cdot 1^{p-1} + \cdots + a_1 \cdot 1 + a_0 &\equiv f(1) \pmod p \\
&\ \ \vdots \\
a_p \cdot (p-1)^p + a_{p-1} \cdot (p-1)^{p-1} + \cdots + a_1 \cdot (p-1) + a_0 &\equiv f(p-1) \pmod p
\end{aligned}
$$

Rewrite the above system of congruences in the following matrix form $A X_a \equiv B \pmod p$:

$$
\begin{bmatrix}
1 & 0 & 0 & \cdots & 0 \\
1 & 1 & 1 & \cdots & 1 \\
1 & 2 & 2^2 & \cdots & 2^{p-1} \\
\vdots & \vdots & \vdots & \ddots & \vdots \\
1 & p-1 & (p-1)^2 & \cdots & (p-1)^{p-1}
\end{bmatrix}
\begin{bmatrix} a_0 \\ a_1 \\ a_2 \\ \vdots \\ a_{p-1} \end{bmatrix}
\equiv
\begin{bmatrix} f(0) \\ f(1) - a_p \\ f(2) - 2^p a_p \\ \vdots \\ f(p-1) - (p-1)^p a_p \end{bmatrix}
\pmod p \qquad (2)
$$

Apparently, $A$ is a Vandermonde matrix, so its determinant can be calculated as $|A| = \prod_{0 \le i < j \le p-1} (j - i)$ [30, §4.4]. Since $p$ is a prime and $0 < (j - i) \le p-1$, one has $\gcd(|A|, p) = 1$. Thus, the above system of congruences has a unique (i.e., one and only one) solution modulo $p$ for each combination of the values of $f(0), \cdots, f(p-1)$ and $a_p$. For each possible value of $a_p$, the number of all possible combinations of the values of $f(0), \cdots, f(p-1)$ is $p!$. Since $a_p$ has $p-1$ congruence classes modulo $p$, one immediately deduces that there exist $(p-1)p!$ congruence classes of permutation polynomials of degree $p$ modulo $p$. For each bijection over $\{0, \cdots, p-1\}$, i.e., for each combination of the values of $f(0), \cdots, f(p-1)$, there are $p-1$ distinct congruence classes of permutation polynomials of degree $p$ modulo $p$, each of which corresponds to one possible value of $a_p$ modulo $p$.

When $a_p = 1$, choosing $f(i) = i$ for $i = 0 \sim p-1$, one can get a special solution: $a_0 = a_1 = \cdots = a_{p-1} \equiv 0 \pmod p$. This leads to $f(x) = x^p \equiv x \pmod p$, which is the permutation polynomial of degree $p$ modulo $p$ mentioned in Fermat's little theorem. ■



From the above theorem, one can get some more results on the number of permutation polynomials and induced bijections modulo $p$.

Notation 2 Assume $p$ is a prime. Denote the number of distinct permutation polynomials and the number of all distinct polynomials in a complete system of polynomial residues of degree $\le n$ modulo $p$ by $N_{pp}(\le n, p)$ and $N_p(\le n, p)$ respectively. Here, the subscript "pp" means "permutation polynomial" and "p" denotes "polynomial". Similar functions will be defined later.

Corollary 5 Assume $p$ is a prime. The following is true when $n \ge p-1$:

$$\frac{N_{pp}(\le n, p)}{N_p(\le n, p)} = \frac{(p-1)!}{p^{p-1}}.$$

Proof: Recall the proof of Theorem 4; when $n \ge p-1$, changing the degree of the polynomial from $p$ to $n$ and moving $a_p, \cdots, a_n$ to the right side, Eq. (2) has a unique set of incongruent solutions for each choice of the values of $f(0), \cdots, f(p-1), a_p, \cdots, a_n$. Since $f(0), \cdots, f(p-1)$ form a complete permutation modulo $p$, one immediately has $N_{pp}(\le n)/N_p(\le n) = p!/p^p = (p-1)!/p^{p-1}$. ■

Corollary 6 Assume $p$ is a prime and $n \ge p-1$. The number of bijections induced by permutation polynomials of degree $\le n$ modulo $p$ is $p!$.

Proof: This corollary can be proved in the same way as the above corollary, due to the fact that each combination of $f(0), \cdots, f(p-1), a_p, \cdots, a_n$ corresponds to a unique set of incongruent solutions for $a_0, \cdots, a_{p-1}$. ■

Corollary 7 (A special case of Lemma 11) Assume $p$ is a prime. Two permutation polynomials of degree $\le p-1$ modulo $p$, $f_1(x)$ and $f_2(x)$, are equivalent if and only if they are congruent polynomials modulo $p$, i.e., $f_1(x) \equiv f_2(x) \pmod p$.

Proof: The "if" part is obvious. Let us see the "only if" part. From the above two corollaries, the number of permutation polynomials of degree $\le p-1$ modulo $p$ and the number of bijections induced by these polynomials are both $p!$. This immediately leads to the fact that any two equivalent permutation polynomials are congruent polynomials, otherwise the number of bijections would be less than $p!$. Thus, this corollary is true. ■

Corollary 8 Assume $p$ is a prime and $f(x) = a_n x^n + \cdots + a_1 x + a_0$ is a permutation polynomial of degree $n \ge p$ modulo $p$. Then $f(x)$ has exactly $p^{n-p+1}$ equivalent polynomials of degree $\le n$ modulo $p$ (including itself).

Proof: This corollary can be proved in a similar way to the above corollaries. ■
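The counts in Theorem 4 and Corollaries 5, 6 and 8 can be confirmed by exhaustion for a small prime. The Python below is an added example, not from the paper: it enumerates the complete system of polynomial residues of degree $\le n$ modulo $p$ (Lemma 7), keeps those inducing a bijection, and counts congruence classes, induced bijections and the equivalents of a given polynomial. The names are this example's own; the enumeration is exponential in $n$ and is only meant for small $p$ and $n$.

```python
"""Counting permutation polynomials modulo a prime p by exhaustion, to check
Theorem 4 and Corollaries 5, 6 and 8 for a small prime.

Added example, not code from the paper. Polynomials are coefficient tuples
(coeffs[k] = a_k); the names are this example's own.
"""
from itertools import product
from math import factorial


def induced_function(coeffs, m):
    """The function {0..m-1} -> {0..m-1} induced by the polynomial, as a tuple."""
    out = []
    for x in range(m):
        acc = 0
        for a in reversed(coeffs):          # Horner's rule
            acc = (acc * x + a) % m
        out.append(acc)
    return tuple(out)


def permutation_polynomials(n, p, exact_degree=False):
    """All coefficient vectors (a_0..a_n) in Z_p^(n+1) that permute Z_p.

    With exact_degree=True only polynomials with a_n != 0 are returned,
    i.e. the congruence classes of degree exactly n (Lemma 6).
    """
    found = []
    for coeffs in product(range(p), repeat=n + 1):
        if exact_degree and coeffs[n] == 0:
            continue
        if len(set(induced_function(coeffs, p))) == p:
            found.append(coeffs)
    return found


def count_classes_and_bijections(n, p, exact_degree=False):
    """(number of congruence classes, number of distinct induced bijections)."""
    polys = permutation_polynomials(n, p, exact_degree)
    bijections = {induced_function(c, p) for c in polys}
    return len(polys), len(bijections)


def equivalents_of(coeffs, n, p):
    """Polynomials of degree <= n modulo p inducing the same function as coeffs."""
    target = induced_function(coeffs, p)
    return [c for c in product(range(p), repeat=n + 1)
            if induced_function(c, p) == target]


if __name__ == "__main__":
    p = 3
    # Theorem 4: (p-1) p! classes of degree exactly p, inducing p! bijections
    print(count_classes_and_bijections(p, p, exact_degree=True), (p - 1) * factorial(p))
    # Corollary 5: N_pp(<=n,p) / N_p(<=n,p) = (p-1)! / p^(p-1) for n >= p-1
    classes, _ = count_classes_and_bijections(4, p)
    print(classes * p ** (p - 1) == factorial(p - 1) * p ** 5)
    # Corollary 8: x^3 + x (degree 3 >= p) has p^(n-p+1) = 3 equivalents of degree <= 3
    print(equivalents_of((0, 1, 0, 1), 3, p))
```

For $p = 3$ the run gives 12 classes of degree exactly 3 inducing 6 bijections, a ratio of $54/243 = 2/9$ for degree $\le 4$, and three equivalents of $x^3 + x$ among the polynomials of degree $\le 3$, matching $(p-1)p!$, $(p-1)!/p^{p-1}$ and $p^{n-p+1}$ respectively.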

5 Permutation Polynomials modulo $p^d$ ($d > 1$)

5.1 Hierarchy Theorem

This theorem shows the hierarchical structure of the bijection induced by a permutation polynomial modulo $p^d$.

Theorem 5 (Hierarchy Theorem) Assume $p$ is a prime and $f(x) = a_n x^n + \cdots + a_1 x$ is a permutation polynomial of degree $n$ modulo $m = p^d$ and $A = \{0, \cdots, m-1\}$. The following results are true.

1. The induced bijection $F : A \to A$ is composed of two sub-bijections, $F_1 : A(\ge 1|p) \to A(\ge 1|p)$ and $F_0 : A \setminus A(\ge 1|p) \to A \setminus A(\ge 1|p)$.

2. The sub-bijection $F_0$ is composed of $p-1$ sub-bijections, $\forall i = 1 \sim p-1$, $F_{0,i} : [(A(\ge 1|p) + i) \bmod m] \to [(A(\ge 1|p) + \sum_{k=1}^{n} i^k a_k) \bmod m]$.

3. When $d \ge 2$, each of the $p$ sub-bijections $F_1$ and $F_{0,1}, \cdots, F_{0,p-1}$ corresponds to a permutation polynomial of degree $\le d-1$ modulo $p^{d-1}$ in the following form: $f^*(z) = \sum_{i=1}^{d-1} b_i p^{i-1} z^i = b_{d-1} p^{d-2} z^{d-1} + \cdots + b_2 p z^2 + b_1 z$.

4. When $d \ge 2$, $F_1$ is composed of $d$ sub-bijections: $i = 1 \sim d-1$, $F_{1,i} : A(i|p) \to A(i|p)$, and $F_{1,d} : A(+\infty|p) \to A(+\infty|p)$. Each of $F_{0,1}, \cdots, F_{0,p-1}$ is also composed of $d$ sub-bijections of this kind.

5. When $d \ge 1$, $\forall i, j \in \{0, \cdots, p-1\}$ and $i \ne j$, $\sum_{k=1}^{n} a_k (j^k - i^k) = a_1 (j - i) + a_2 (j^2 - i^2) + \cdots + a_n (j^n - i^n) \not\equiv 0 \pmod p$.

6. When $d \ge 2$, $\forall i \in \{0, \cdots, p-1\}$, $\sum_{k=1}^{n} k\, i^{k-1} a_k = a_1 + 2 i a_2 + \cdots + n i^{n-1} a_n \not\equiv 0 \pmod p$.

Proof: We prove all the results one by one. Note that $A(\ge 1|p), [(A(\ge 1|p) + 1) \bmod m], \cdots, [(A(\ge 1|p) + p-1) \bmod m]$ form a partition of $A$.

1. $\forall x \in A(\ge 1|p)$, $p \mid x$. Since $x \mid f(x)$, $p \mid f(x)$. This means that $f(x)$ forms a sub-bijection $F_1 : A(\ge 1|p) \to A(\ge 1|p)$. From Lemma 15, there exists another sub-bijection $F_0 : A \setminus A(\ge 1|p) \to A \setminus A(\ge 1|p)$.

2 & 5. $\forall i = 1 \sim p-1$ and $\forall x \in [(A(\ge 1|p) + i) \bmod m]$, one has $x \equiv i \pmod p$. Assume $x = y + i$, where $y \in A(\ge 1|p)$; then one can get a new polynomial as follows:

$$f_{0,i}(y) = f(y + i) = a_n (y + i)^n + \cdots + a_1 (y + i) = f^*_{0,i}(y) + \sum_{k=1}^{n} i^k a_k,$$

where $f^*_{0,i}(y) = \sum_{j=1}^{n} \left( \sum_{k=j}^{n} \binom{k}{j} i^{k-j} a_k \right) y^j$. Applying the first result to $f^*_{0,i}(y)$, one knows it forms a sub-bijection over $A(\ge 1|p)$. So, $f(x)$ forms a sub-bijection $F_{0,i} : [(A(\ge 1|p) + i) \bmod m] \to [(A(\ge 1|p) + \sum_{k=1}^{n} i^k a_k) \bmod m]$. This proves the 2nd result of this theorem. Since $f(x)$ is a permutation polynomial modulo $p^d$, the ranges of $F_{0,1}, \cdots, F_{0,p-1}$ should form a partition of $A \setminus A(\ge 1|p)$. This means that $\forall i, j \in \{0, \cdots, p-1\}$ and $i \ne j$, $\sum_{k=1}^{n} i^k a_k \not\equiv \sum_{k=1}^{n} j^k a_k \pmod p$. This leads to the 5th result of this theorem.

3. For $F_1$, since $p \mid x$, let us assume $x = pz$, where $z \in \{0, \cdots, p^{d-1} - 1\}$. Substituting $x = pz$ into $f(x)$, we have another polynomial $f_1(z) = f(pz) = a_n (pz)^n + \cdots + a_1 (pz) = p f_1^*(z)$, where $f_1^*(z) = a_n p^{n-1} z^n + \cdots + a_1 z$. Apparently, over $A(\ge 1|p)$, $f(x)$ is uniquely determined by the polynomial $f_1^*(z)$ modulo $p^{d-1}$. This means that $f_1^*(z)$ is a permutation polynomial modulo $p^{d-1}$. When $n \ge d$, $p^{d-1} \mid a_n p^{n-1} z^n + \cdots + a_d p^{d-1} z^d$, so $f_1^*(z) \equiv a_{d-1} p^{d-2} z^{d-1} + \cdots + a_1 z \pmod{p^{d-1}}$. As a result, the degree of $f_1^*(z)$ modulo $p^{d-1}$ is always not greater than $d-1$. For $F_{0,1}, \cdots, F_{0,p-1}$, applying the same analysis to $f^*_{0,1}(y), \cdots, f^*_{0,p-1}(y)$, one can get a similar result.

4 & 6. When $x \in A(+\infty|p) = \{0\}$, $f(x) = f(0) = 0$, so there exists a sub-bijection $F_{1,d} : A(+\infty|p) \to A(+\infty|p)$. $\forall i = 1 \sim d-1$ and $\forall x \in A(i|p)$, $\exists k_1, k_2 \in \mathbb{Z}$ with $k_2 \not\equiv 0 \pmod p$ such that $x = p^i (k_1 p + k_2)$. Then $x^2 = p^{2i} (k_1 p + k_2)^2 = p^{i+1} p^{i-1} (k_1 p + k_2)^2$, so $p^{i+1} \mid x^2$. As a result, $f(x) \equiv a_1 x = a_1 p^i (k_1 p + k_2) \pmod{p^{i+1}}$. Assume $a_1 \equiv 0 \pmod p$; then $f(x) \equiv 0 \pmod{p^{i+1}}$. This means that $f(x) \in A(\ge i+1|p) \setminus \{0\}$. However, since $p \ge 2$, the cardinality of $A(\ge i+1|p) \setminus \{0\}$ is always smaller than the cardinality of $A(i|p)$, which conflicts with the fact that $f(x)$ is a permutation polynomial modulo $p^d$. So one immediately has $a_1 \not\equiv 0 \pmod p$ and $f(x) \in A(i|p)$, i.e., $f(x)$ forms a sub-bijection over $A(i|p)$. For $i = 1 \sim p-1$, applying the same analysis to $f^*_{0,i}(y)$, we can get similar results: $\sum_{k=1}^{n} k\, i^{k-1} a_k \not\equiv 0 \pmod p$ and $f^*_{0,i}(y) \in A(i|p)$. Thus the 4th and the 6th results have been proved. ■

5.2 Necessary and Sufficient Conditions for Permutation Polynomials

Theorem 6 Assume $p$ is a prime and $d \ge 2$. The polynomial $f(x) = a_n x^n + \cdots + a_1 x$ is a permutation polynomial modulo $p^d$ if and only if the following two conditions are true simultaneously:

1. $f(x)$ is a permutation polynomial modulo $p$, i.e., $\forall i, j \in \{0, \cdots, p-1\}$ and $i \ne j$, $f(j) - f(i) = \sum_{k=1}^{n} a_k (j^k - i^k) = a_1 (j - i) + a_2 (j^2 - i^2) + \cdots + a_n (j^n - i^n) \not\equiv 0 \pmod p$.

2. $\forall i \in \{0, \cdots, p-1\}$, $\sum_{k=1}^{n} k i^{k-1} a_k = a_1 + 2 i a_2 + \cdots + n i^{n-1} a_n \not\equiv 0 \pmod p$.

Proof: The "only if" part of this theorem has been proved in Theorem 5, so we only focus on the "if" part. Let us use mathematical induction on $d$ to prove this part.

1) When $d = 2$, consider the $p$ sub-bijections $F_1, F_{0,1}, \cdots, F_{0,p-1}$ separately.

When $x \in A(\ge 1|p)$, assume $x = pz$, where $z \in \{0, \cdots, p-1\}$, so $f(x) = a_n x^n + \cdots + a_2 x^2 + a_1 x \equiv p \cdot a_1 z \pmod{p^2}$. Apparently, $f(x)$ is uniquely determined by the polynomial $f_1(z) = a_1 z$ modulo $p$. Choosing $i = 0$, the second necessary and sufficient condition becomes $a_1 \not\equiv 0 \pmod p$, which means $\gcd(a_1, p) = 1$. Then, from Lemma 1, $f_1(z) = a_1 z$ forms a bijection over $\{0, \cdots, p-1\}$. This means $f(x)$ forms a bijection $F_1$ over $A(\ge 1|p)$.

$\forall i = 1 \sim p-1$ and $\forall x \in [(A(\ge 1|p) + i) \bmod p^2]$, assume $x = y + i$, where $y \in A(\ge 1|p)$. Substituting $x = y + i$ into $f(x)$, one has $f_{0,i}(y) = f^*_{0,i}(y) + \sum_{k=1}^{n} i^k a_k$, where $f^*_{0,i}(y) = \sum_{j=1}^{n} \left( \sum_{k=j}^{n} \binom{k}{j} i^{k-j} a_k \right) y^j$. Assume $y = pz$, where $z \in \{0, \cdots, p-1\}$; for the same reason as in the case of $x \in A(\ge 1|p)$, $f^*_{0,i}(y) \equiv \sum_{k=1}^{n} k i^{k-1} a_k \, y = p \sum_{k=1}^{n} k i^{k-1} a_k \, z \pmod{p^2}$. The second necessary and sufficient condition ensures that $\gcd(\sum_{k=1}^{n} k i^{k-1} a_k, p) = 1$, so $\sum_{k=1}^{n} k i^{k-1} a_k \, z$ forms a bijection over $\{0, \cdots, p-1\}$ and thus $f^*_{0,i}(y)$ forms a bijection over $A(\ge 1|p)$. This further leads to the fact that $f(x)$ forms a bijection $F_{0,i}: [(A(\ge 1|p) + i) \bmod p^2] \to [(A(\ge 1|p) + \sum_{k=1}^{n} i^k a_k) \bmod p^2]$.

In addition, the first necessary and sufficient condition ensures that the ranges of $F_{0,1}, \cdots, F_{0,p-1}$ form a partition of $A \setminus A(\ge 1|p)$. This means that there exists a super-bijection $F_0$ over $A \setminus A(\ge 1|p)$.

The above analyses show that $f(x)$ forms a bijection over $A$.

2) Assume the "if" part is true for $2, \cdots, d-1$. Let us prove the case of $d \ge 3$. Similarly, let us consider the $p$ sub-bijections $F_1, F_{0,1}, \cdots, F_{0,p-1}$ separately.

When $x \in A(\ge 1|p)$, assume $x = pz$, where $z \in \{0, \cdots, p^{d-1} - 1\}$, so $f(x) = a_n x^n + \cdots + a_2 x^2 + a_1 x \equiv p \left( a_n p^{n-1} z^n + \cdots + a_2 p z + a_1 z \right) \pmod{p^d}$. Apparently, $f(x)$ is uniquely determined by the polynomial $f_1(z) = b_n z^n + \cdots + b_1 z = a_n p^{n-1} z^n + \cdots + a_2 p z + a_1 z$ modulo $p^{d-1}$. Since $b_i \equiv 0 \pmod p$ when $i \ge 2$, one can easily verify that $f_1(z)$ satisfies the two necessary and sufficient conditions, so from the induction hypothesis $f_1(z)$ is a permutation polynomial modulo $p^{d-1}$. This means that $f(x)$ forms a bijection over $A(\ge 1|p)$.

$\forall i = 1 \sim p-1$ and $\forall x \in [(A(\ge 1|p) + i) \bmod p^d]$, assume $x = y + i$, where $y \in A(\ge 1|p)$. Substituting $x = y + i$ into $f(x)$, one has $f_{0,i}(y) = f^*_{0,i}(y) + \sum_{k=1}^{n} i^k a_k$, where $f^*_{0,i}(y) = \sum_{j=1}^{n} \left( \sum_{k=j}^{n} \binom{k}{j} i^{k-j} a_k \right) y^j$. Assume $y = pz$, where $z \in \{0, \cdots, p^{d-1} - 1\}$; one has $f^*_{0,i}(y) = \sum_{j=1}^{n} \left( \sum_{k=j}^{n} \binom{k}{j} i^{k-j} a_k p^j z^j \right) = p \sum_{j=1}^{n} \left( \sum_{k=j}^{n} \binom{k}{j} i^{k-j} a_k p^{j-1} z^j \right)$. Apparently, $f^*_{0,i}(y)$ is uniquely determined by the polynomial $f^{**}_{0,i}(z) = b_n z^n + \cdots + b_1 z = \sum_{j=2}^{n} \left( \sum_{k=j}^{n} \binom{k}{j} i^{k-j} a_k p^{j-1} \right) z^j + \sum_{k=1}^{n} k i^{k-1} a_k \, z$ modulo $p^{d-1}$. Similarly, since $b_k \equiv 0 \pmod p$ when $k \ge 2$, $\forall u, v \in \{0, \cdots, p-1\}$ and $u \ne v$, one has $\sum_{k=1}^{n} k u^{k-1} b_k \equiv b_1 = \sum_{k=1}^{n} k i^{k-1} a_k \not\equiv 0 \pmod p$ and $\sum_{k=1}^{n} b_k (v^k - u^k) \equiv b_1 (v - u) = (v - u) \sum_{k=1}^{n} k i^{k-1} a_k \not\equiv 0 \pmod p$, where note that $v - u \not\equiv 0 \pmod p$. That is, the two necessary and sufficient conditions hold for $f^{**}_{0,i}(z)$, so from the induction hypothesis $f^{**}_{0,i}(z)$ is a permutation polynomial modulo $p^{d-1}$, i.e., $f^*_{0,i}(y)$ forms a bijection over $A(\ge 1|p)$ and $f(x)$ forms a bijection $F_{0,i}: [(A(\ge 1|p) + i) \bmod p^d] \to [(A(\ge 1|p) + \sum_{k=1}^{n} i^k a_k) \bmod p^d]$.

In addition, the first necessary and sufficient condition ensures that the ranges of $F_{0,1}, \cdots, F_{0,p-1}$ form a partition of $A \setminus A(\ge 1|p)$. This means that there exists a super-bijection $F_0$ over $A \setminus A(\ge 1|p)$.

The above analyses show that $f(x)$ forms a bijection over $A$. Thus this theorem is proved. ∎

Corollary 9 The polynomial $f(x) = a_n x^n + \cdots + a_1 x$ is a permutation polynomial modulo $2^d$ if and only if the following two conditions are true simultaneously: $a_1 \equiv 1 \pmod 2$, and $a_2 + a_4 + \cdots \equiv a_3 + a_5 + \cdots \equiv 0 \pmod 2$.

Proof: From Theorem 6, choosing $p = 2$, one has the following necessary and sufficient conditions: $\sum_{k=1}^{n} a_k \not\equiv 0 \pmod 2$, $a_1 \not\equiv 0 \pmod 2$ and $\sum_{k=1}^{n} k a_k \not\equiv 0 \pmod 2$. These conditions can be simplified to: $a_1 \equiv 1 \pmod 2$, $\sum_{k=2}^{n} a_k \equiv \sum_{k=2}^{n} k a_k \equiv 0 \pmod 2$. Removing the even terms from $\sum_{k=2}^{n} k a_k \equiv 0 \pmod 2$, one has $a_3 + a_5 + \cdots \equiv 0 \pmod 2$. Then, subtracting $a_3 + a_5 + \cdots$ from $\sum_{k=2}^{n} a_k$, one has $a_2 + a_4 + \cdots \equiv 0 \pmod 2$. This corollary is thus proved. ∎

Corollary 10 Assume $p$ is a prime and $d \ge 2$. If $f(x)$ is a permutation polynomial modulo $p^d$, then $\forall i \ge 1$, it is still a permutation polynomial modulo $p^i$.

Proof: This corollary is a direct result of Theorem 6. ∎

Theorem 7 Assume $p$ is a prime and $d \ge 1$. A binomial $f(x) = a_2 x^2 + a_1 x$ is a permutation polynomial modulo $p^d$ if and only if $a_1 \not\equiv 0 \pmod p$ and $a_2 \equiv 0 \pmod p$.

Proof: The "if" part can be easily verified by checking the necessary and sufficient conditions in Theorem 6. We focus on the "only if" part.

When $p = 2$, one can verify the result is true. Let us consider the case of $p > 2$. From Theorem 6, $a_1 (1 - (p-1)) + a_2 (1^2 - (p-1)^2) \equiv 2 a_1 \not\equiv 0 \pmod p$, which immediately leads to $a_1 \not\equiv 0 \pmod p$. Again, from Theorem 6, the following conditions hold: $\forall i = 1 \sim p-1$, $i a_1 + i^2 a_2 \not\equiv 0 \pmod p$. Since $p$ is a prime, each integer in $\{1, \cdots, p-1\}$ has an inverse modulo $p$. Multiplying both sides of each condition by the inverse of $i$, one gets $a_1 + i a_2 \not\equiv 0 \pmod p$, so $a_2 \not\equiv -a_1 \bar{i} \pmod p$, where $\bar{i}$ is the inverse of $i$ modulo $p$. Since $\{\bar{i}\}$ forms a reduced system of residues modulo $p$, $\{-a_1 \bar{i}\} = \{-a_1, \cdots, -a_1 (p-1)\}$ still forms a reduced system of residues modulo $p$. Thus $a_2 \equiv 0 \pmod p$. ∎

Remark 1 Note that Theorem 7 actually says that the first group of the necessary and sufficient conditions covers the second group of conditions when the degree is 1 or 2 modulo $p^d$.

Corollary 11 Assume $p$ is a prime and $d \ge 1$. If $f(x)$ is a permutation polynomial of degree 1 modulo $p^d$, then $\forall i \ge 1$, it is still a permutation polynomial modulo $p^i$.

Proof: This corollary is a direct result of Theorem 7. ∎
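As an added example (this code is not part of the paper), the two conditions of Theorem 6 and the parity form of Corollary 9 are written as executable predicates and cross-checked against a brute-force bijection test over every polynomial of small degree modulo small prime powers; Corollary 10 is checked the same way. The function names and the parameter sets $(p, d, n)$ are my own choices; the polynomials are enumerated exhaustively, so nothing is sampled.

```python
# Added example (not from the paper): Theorem 6 and Corollary 9 as predicates,
# cross-checked against brute force over all polynomials a_1 x + ... + a_n x^n
# with coefficients modulo p^d.
from itertools import product

def poly_eval(coeffs, x, m):
    """f(x) = a_1 x + a_2 x^2 + ... + a_n x^n modulo m; coeffs[k-1] is a_k."""
    acc = 0
    for a in reversed(coeffs):          # Horner's rule, no constant term
        acc = (acc + a) * x % m
    return acc

def is_permutation_bruteforce(coeffs, m):
    """Ground truth: f permutes Z_m iff {f(0), ..., f(m-1)} has m elements."""
    return len({poly_eval(coeffs, x, m) for x in range(m)}) == m

def theorem6(coeffs, p):
    """Theorem 6 (d >= 2): f permutes Z_p, and f'(i) = sum_k k i^(k-1) a_k is
    nonzero modulo p for every i in Z_p."""
    cond1 = is_permutation_bruteforce(coeffs, p)
    cond2 = all(sum(k * pow(i, k - 1, p) * a for k, a in enumerate(coeffs, 1)) % p != 0
                for i in range(p))
    return cond1 and cond2

def corollary9(coeffs):
    """Corollary 9 (p = 2): a_1 odd, a_2 + a_4 + ... even, a_3 + a_5 + ... even."""
    a = [0, *coeffs]                    # a[k] = a_k, so slicing by parity of k works
    return (a[1] % 2 == 1
            and sum(a[2::2]) % 2 == 0
            and sum(a[3::2]) % 2 == 0)

def check_theorem6(p, d, n):
    """True iff Theorem 6 (and, for p = 2, Corollary 9) agrees with brute force
    on every polynomial of degree <= n modulo p^d."""
    m = p ** d
    for coeffs in product(range(m), repeat=n):
        truth = is_permutation_bruteforce(coeffs, m)
        if theorem6(coeffs, p) != truth:
            return False
        if p == 2 and corollary9(coeffs) != truth:
            return False
    return True

def check_corollary10(p, d, n):
    """Corollary 10: a permutation polynomial modulo p^d is one modulo p^i for
    every 1 <= i <= d.  Verified by brute force on all polynomials of degree <= n."""
    m = p ** d
    return all(all(is_permutation_bruteforce(coeffs, p ** i) for i in range(1, d + 1))
               for coeffs in product(range(m), repeat=n)
               if is_permutation_bruteforce(coeffs, m))

if __name__ == "__main__":
    for p, d, n in [(2, 3, 4), (3, 2, 3), (5, 2, 2)]:
        print(f"p={p} d={d} n={n}: Theorem 6 agrees with brute force: "
              f"{check_theorem6(p, d, n)}, Corollary 10 holds: {check_corollary10(p, d, n)}")
    # The RC6 quadratic x(2x+1) = 2x^2 + x, i.e. (a_1, a_2) = (1, 2), passes Corollary 9.
    print("2x^2 + x permutes Z_32:", is_permutation_bruteforce((1, 2), 32))
```

Because the conditions only look at the coefficients modulo $p$, `theorem6` is cheap even when $p^d$ is large, which is the practical value of the theorem: a candidate mixing polynomial for a $2^{32}$-word cipher can be screened without enumerating $2^{32}$ inputs.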



Open Problem #1 When $3 \le n \le p-1$, is it possible to get further simplified necessary and sufficient conditions?

Remark 2 After finishing the first draft of this paper, we noticed Rivest's paper [20] and found that Corollary 9 was proved by its author in 2002. Through [20], we further noticed Mullen's paper [19] and realized that Theorem 6 can also be derived from Theorem 123 in [1], where the second condition becomes that $f'(x) \not\equiv 0 \pmod p$ holds for any integer $x$. In addition, we recently found yet another paper [21], in which Theorem 7 was also obtained in a similar way (Corollary 2.4). Furthermore, we also noticed that Lemma 4.2 in Chap. 4 of [6] gives a more general form of Theorem 6. Considering the fact that our proof of Theorem 6 is independent of Theorem 123 in [1], it can be considered as a different proof of this result.
5.3 Counting Permutation Polynomials and Induced Permutations

The case of $n \ge p-1$ modulo $p$ has been solved in Corollary 5. This subsection discusses the other cases modulo $p^d$ ($d \ge 1$).

Notation 3 Assume $p$ is a prime and $d \ge 1$. Denote the number of permutation polynomials and the number of all polynomials in a complete system of polynomial residues of degree $\le n$ modulo $p^d$ by $N_{pp}(\le n, p^d)$ and $N_p(\le n, p^d)$, respectively.

Remark 3 Note that the number of permutation polynomials of degree $n$ modulo $p^d$ can be easily calculated to be $N_{pp}(\le n, p^d) - N_{pp}(\le n-1, p^d)$. So this paper only focuses on the number of permutation polynomials of degree $\le n$ modulo $p^d$.

Theorem 8 For any prime $p$ and $d \ge 1$, $\frac{N_{pp}(\le 1, p^d)}{N_p(\le 1, p^d)} = \frac{p-1}{p}$ and $\frac{N_{pp}(\le 2, p^d)}{N_p(\le 2, p^d)} = \frac{p-1}{p^2}$.

Proof: This theorem is a direct result of Theorems 1 and 7. ∎

Theorem 9 For any prime $p$ and $d \ge 2$, $\frac{N_{pp}(\le n, p^d)}{N_p(\le n, p^d)} = \frac{(p-1)^p (p-1)!}{p^{2p-1}}$ when $n \ge 2p - 1$.
Proof: From Theorem 6, a bijective polynomial should satisfy the following conditions:

• $\binom{p}{2}$ conditions: $\forall i, j \in \{0, \cdots, p-1\}$ and $i \ne j$, $\sum_{k=1}^{n} a_k (i^k - j^k) = a_1 (i - j) + \cdots + a_n (i^n - j^n) \not\equiv 0 \pmod p$;

• $p$ conditions: $\forall i \in \{0, \cdots, p-1\}$, $\sum_{k=1}^{n} k i^{k-1} a_k = a_1 + 2 i a_2 + \cdots + n i^{n-1} a_n \not\equiv 0 \pmod p$.

Among the above $\binom{p}{2} + p = \frac{p(p+1)}{2}$ conditions, choose the following $2p - 1$ conditions:

• $p - 1$ conditions: $\forall i \in \{1, \cdots, p-1\}$ and $j = 0$, $\sum_{k=1}^{n} a_k i^k = a_1 i + \cdots + a_n i^n \equiv b_i \pmod p$, where $b_i \not\equiv 0 \pmod p$;

• $p$ conditions: $\forall i \in \{0, \cdots, p-1\}$, $\sum_{k=1}^{n} k i^{k-1} a_k = a_1 + 2 i a_2 + \cdots + n i^{n-1} a_n \equiv b_{p+i} \pmod p$, where $b_{p+i} \not\equiv 0 \pmod p$.

Rewrite the above $2p - 1$ conditions as a system of congruences:
\[
\begin{pmatrix}
1 & 1 & 1 & \cdots & 1 \\
2 & 2^2 & 2^3 & \cdots & 2^n \\
\vdots & \vdots & \vdots & & \vdots \\
p-1 & (p-1)^2 & (p-1)^3 & \cdots & (p-1)^n \\
1 & 0 & 0 & \cdots & 0 \\
1 & 2 & 3 & \cdots & n \\
1 & 2 \cdot 2 & 3 \cdot 2^2 & \cdots & n \cdot 2^{n-1} \\
\vdots & \vdots & \vdots & & \vdots \\
1 & 2 (p-1) & 3 (p-1)^2 & \cdots & n (p-1)^{n-1}
\end{pmatrix}
\begin{pmatrix} a_1 \\ a_2 \\ a_3 \\ a_4 \\ \vdots \\ a_n \end{pmatrix}
\equiv
\begin{pmatrix} b_1 \\ b_2 \\ \vdots \\ b_{p-1} \\ b_p \\ b_{p+1} \\ b_{p+2} \\ \vdots \\ b_{2p-1} \end{pmatrix}
\pmod p .
\]

If we only consider $a_1, \cdots, a_{2p-1}$ as unknown variables, the above system can be reduced to the following system:
\[
\begin{pmatrix}
1 & 1 & 1 & \cdots & 1 \\
2 & 2^2 & 2^3 & \cdots & 2^{2p-1} \\
\vdots & \vdots & \vdots & & \vdots \\
p-1 & (p-1)^2 & (p-1)^3 & \cdots & (p-1)^{2p-1} \\
1 & 0 & 0 & \cdots & 0 \\
1 & 2 & 3 & \cdots & 2p-1 \\
1 & 2 \cdot 2 & 3 \cdot 2^2 & \cdots & (2p-1) \cdot 2^{2p-2} \\
\vdots & \vdots & \vdots & & \vdots \\
1 & 2 (p-1) & 3 (p-1)^2 & \cdots & (2p-1) (p-1)^{2p-2}
\end{pmatrix}
\begin{pmatrix} a_1 \\ a_2 \\ \vdots \\ a_{p-1} \\ a_p \\ a_{p+1} \\ a_{p+2} \\ \vdots \\ a_{2p-1} \end{pmatrix}
\equiv
\begin{pmatrix}
b_1 - \sum_{k=2p}^{n} a_k \\
b_2 - \sum_{k=2p}^{n} a_k 2^k \\
\vdots \\
b_{p-1} - \sum_{k=2p}^{n} a_k (p-1)^k \\
b_p \\
b_{p+1} - \sum_{k=2p}^{n} k a_k \\
b_{p+2} - \sum_{k=2p}^{n} k 2^{k-1} a_k \\
\vdots \\
b_{2p-1} - \sum_{k=2p}^{n} k (p-1)^{k-1} a_k
\end{pmatrix}
\pmod p .
\]

Denoting the above system by $A X \equiv B \pmod p$, from Corollary 4 one has
\[ |A| = \pm \prod_{i=1}^{p-1} i^4 \prod_{1 \le i < j \le p-1} (j - i)^4 . \]
Since all factors of $|A|$ are in $\{1, \cdots, p-1\}$ and $p$ is a prime, $\gcd(|A|, p) = 1$. Then, for each valid combination of $(b_1, \cdots, b_{2p-1}, a_{2p}, \cdots, a_n)$, the above system of congruences has a unique set of incongruent solutions.

Next, let us count the number of all valid combinations of $(b_1, \cdots, b_{2p-1}, a_{2p}, \cdots, a_n)$. It is obvious that $\{a_{2p}, \cdots, a_n\}$ can take any value and $b_p, \cdots, b_{2p-1}$ can take any nonzero value modulo $p$. However, $b_1, \cdots, b_{p-1}$ are also constrained by the following conditions: $\forall i, j \in \{1, \cdots, p-1\}$ and $i \ne j$, $\sum_{k=1}^{n} a_k (i^k - j^k) = b_i - b_j \not\equiv 0 \pmod p$. That is, $\{b_i \bmod p\}_{i=1}^{p-1}$ forms a complete permutation over $\{1, \cdots, p-1\}$, so the number of possible values of $(b_1, \cdots, b_{p-1})$ is $(p-1)!$ among the total $p^{p-1}$ combinations of the $p - 1$ values. Combining the above facts, one immediately gets $N_{pp}(\le n, p^d) / N_p(\le n, p^d) = (1 - 1/p)^p \cdot (p-1)! / p^{p-1} = (p-1)^p (p-1)! / p^{2p-1}$.

Thus this theorem is proved. ∎

Theorem 10 For any prime $p$ and $d \ge 2$, the following inequalities hold:

1. when $3 \le n \le p$,
\[ \frac{N_{pp}(\le n, p^d)}{N_p(\le n, p^d)} \le \frac{(p-1) P(p-1, n-1)}{p^n} = \frac{(p-1)(n-1)! \binom{p-1}{n-1}}{p^n} ; \]

2. when $p + 1 \le n \le 2p - 2$,
\[ \frac{N_{pp}(\le n, p^d)}{N_p(\le n, p^d)} \le \frac{(p-1)!}{p^{p-1}} \left( \frac{p-1}{p} \right)^{n-p+1} . \]

Proof: When $3 \le n \le 2p - 2$, the matrix in the proof of Theorem 9 has at most $n$ free congruences, and the other $2p - 1 - n$ congruences are linear combinations of the $n$ free ones. This means that there exists an upper bound on $\frac{N_{pp}(\le n, p^d)}{N_p(\le n, p^d)}$. Note that the values of $b_1, \cdots, b_{p-1}$ should form a permutation over $\{1, \cdots, p-1\}$, so we consider the following two cases, respectively.

1) When $3 \le n \le p$, $b_p$ has $p - 1$ possible values and the $n - 1$ remaining free variables have $P(p-1, n-1) = (n-1)! \binom{p-1}{n-1}$ combinations, so
\[ \frac{N_{pp}(\le n, p^d)}{N_p(\le n, p^d)} \le \frac{(p-1) P(p-1, n-1)}{p^n} = \frac{(p-1)(n-1)! \binom{p-1}{n-1}}{p^n} . \]

2) When $p + 1 \le n \le 2p - 2$, $p - 1$ free variables form the permutation over $\{1, \cdots, p-1\}$ and the other $n - (p-1)$ variables are totally free (each taking any of the $p - 1$ nonzero values), so the number of possibilities of the $n$ free variables is $(p-1)! (p-1)^{n-(p-1)}$. Thus,
\[ \frac{N_{pp}(\le n, p^d)}{N_p(\le n, p^d)} \le \frac{(p-1)! (p-1)^{n-(p-1)}}{p^n} = \frac{(p-1)!}{p^{p-1}} \left( \frac{p-1}{p} \right)^{n-p+1} . \]
∎

Theorem 11 For any prime $p$ and $3 \le n \le p - 2$, the following inequality holds:
\[ \frac{N_{pp}(\le n, p)}{N_p(\le n, p)} \le \frac{P(p-1, n-1)}{p^n} = \frac{(n-1)! \binom{p-1}{n-1}}{p^n} . \]

Proof: When $d = 1$, the second group of necessary and sufficient conditions disappears. Then, following the idea of the proof of the above theorem, this theorem is proved. ∎
Open Problem #2 When $3 \le n \le 2p - 2$, is it still possible to get a closed form of the exact value of $\frac{N_{pp}(\le n, p^d)}{N_p(\le n, p^d)}$?

Example 1 When $d \ge 2$,
\[ \frac{N_{pp}(\le n, 2^d)}{N_p(\le n, 2^d)} = \frac{1}{2^{\min(n, 3)}} = \begin{cases} 1/2, & n = 1, \\ 1/2^2, & n = 2, \\ 1/2^3, & n \ge 3. \end{cases} \]

Solution: When $n = 1$, from Lemma 1, a polynomial is a permutation polynomial modulo $2^d$ if and only if $\gcd(a_1, 2^d) = 1$. So, $a_1 \equiv 1 \pmod 2$, which means $\frac{N_{pp}(\le 1, 2^d)}{N_p(\le 1, 2^d)} = 1/2$.

When $n = 2$, assume $f(x) = a_2 x^2 + a_1 x$. From Theorem 7, the necessary and sufficient conditions are $a_1 \equiv 1 \pmod 2$ and $a_2 \equiv 0 \pmod 2$. Thus, $\frac{N_{pp}(\le 2, 2^d)}{N_p(\le 2, 2^d)} = 1/2^2$.

When $n \ge 2p - 1 = 3$, from Theorem 9, one has $\frac{N_{pp}(\le n, 2^d)}{N_p(\le n, 2^d)} = (2-1)^2 \cdot (2-1)! / 2^{2 \cdot 2 - 1} = 1/2^3$.

Computer experiments have been made to verify the above results. □

Example 2 When $d \ge 2$,
\[ \frac{N_{pp}(\le n, 3^d)}{N_p(\le n, 3^d)} = \begin{cases} 2/3, & n = 1, \\ 2/3^2, & n = 2, \\ 4/3^n, & n = 3, 4, \\ 16/3^5, & n \ge 5. \end{cases} \]



Solution: When $n = 1$, from Lemma 1, a polynomial is a permutation polynomial modulo $3^d$ if and only if $\gcd(a_1, 3^d) = 1$. So, $a_1 \equiv 1, 2 \pmod 3$, which means $\frac{N_{pp}(\le 1, 3^d)}{N_p(\le 1, 3^d)} = 2/3$.

When $n = 2$, assume $f(x) = a_2 x^2 + a_1 x$. From Theorem 7, the necessary and sufficient conditions are $a_1 \not\equiv 0 \pmod 3$ and $a_2 \equiv 0 \pmod 3$. This means that $\frac{N_{pp}(\le 2, 3^d)}{N_p(\le 2, 3^d)} = 2/3^2$.

When $n = 3$, from Theorem 6, the necessary and sufficient conditions are as follows: $a_1 + a_2 + a_3 \not\equiv 0 \pmod 3$, $2 a_1 + 4 a_2 + 8 a_3 \not\equiv 0 \pmod 3$, $(2 - 1) a_1 + (4 - 1) a_2 + (8 - 1) a_3 \not\equiv 0 \pmod 3$, $a_1 \not\equiv 0 \pmod 3$, $a_1 + 2 a_2 + 3 a_3 \not\equiv 0 \pmod 3$ and $a_1 + 4 a_2 + 12 a_3 \not\equiv 0 \pmod 3$. These conditions can be further simplified to $a_1 \not\equiv 0 \pmod 3$, $a_2 \equiv 0 \pmod 3$ and $a_1 + a_3 \not\equiv 0 \pmod 3$. So, the possible values of $(a_1, a_2, a_3)$ modulo 3 are $(1, 0, 0)$, $(1, 0, 1)$, $(2, 0, 0)$ and $(2, 0, 2)$. Thus, $\frac{N_{pp}(\le 3, 3^d)}{N_p(\le 3, 3^d)} = 4/3^3$. In the same way, one can deduce the result for $n = 4$.

When $n \ge 2p - 1 = 5$, from Theorem 9, one has $\frac{N_{pp}(\le n, 3^d)}{N_p(\le n, 3^d)} = (3-1)^3 \cdot (3-1)! / 3^{2 \cdot 3 - 1} = 16/3^5$.

Computer experiments have been made to verify the above results. □
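As an added example that is not part of the paper, the following Python reproduces the kind of computer experiment mentioned in Examples 1 and 2: it computes the ratio $N_{pp}(\le n, p^d)/N_p(\le n, p^d)$ by exhaustive enumeration, compares it with the closed form of Theorem 9 and the bounds of Theorem 10, and checks the relation of Theorem 12 between permutation polynomials, null polynomials and induced permutations. Function names and the parameter values are my own; the enumeration itself is exact.

```python
# Added example (not from the paper): numerical check of the counting results of
# Section 5.3 (Theorems 8, 9, 10 and 12) for small primes, using Theorem 6 as the
# permutation test.  All parameter sets below are constructed for illustration.
from fractions import Fraction
from itertools import product
from math import factorial, perm

def poly_eval(coeffs, x, m):
    """f(x) = a_1 x + ... + a_n x^n modulo m, with coeffs[k-1] = a_k (Horner's rule)."""
    acc = 0
    for a in reversed(coeffs):
        acc = (acc + a) * x % m
    return acc

def satisfies_theorem6(coeffs, p):
    """Theorem 6: f permutes Z_p and f'(i) = sum_k k i^(k-1) a_k != 0 (mod p) for all i."""
    bij = len({poly_eval(coeffs, i, p) for i in range(p)}) == p
    deriv = all(sum(k * pow(i, k - 1, p) * a for k, a in enumerate(coeffs, 1)) % p
                for i in range(p))
    return bij and deriv

def ratio_pp(p, n):
    """N_pp(<= n, p^d) / N_p(<= n, p^d) for any d >= 2.  By Theorem 6 the property
    depends only on the coefficients modulo p, so the ratio is the fraction of
    tuples (a_1, ..., a_n) in Z_p^n that meet both conditions."""
    good = sum(satisfies_theorem6(c, p) for c in product(range(p), repeat=n))
    return Fraction(good, p ** n)

def theorem9_formula(p):
    """Closed form of Theorem 9, valid for n >= 2p - 1."""
    return Fraction((p - 1) ** p * factorial(p - 1), p ** (2 * p - 1))

def theorem10_bound(p, n):
    """Upper bounds of Theorem 10; P(a, b) is the number of b-permutations of a items."""
    if 3 <= n <= p:
        return Fraction((p - 1) * perm(p - 1, n - 1), p ** n)
    if p + 1 <= n <= 2 * p - 2:
        return Fraction(factorial(p - 1) * (p - 1) ** (n - p + 1), p ** n)
    raise ValueError("n is outside the range covered by Theorem 10")

def induced_permutations(p, d, n):
    """Brute force over all (a_1, ..., a_n) modulo p^d.  Returns
    (N_pp, N_np, number of distinct induced permutations); by Theorem 12 the
    third value equals the first divided by the second."""
    m = p ** d
    perms, pp_count, null_count = set(), 0, 0
    for coeffs in product(range(m), repeat=n):
        image = tuple(poly_eval(coeffs, x, m) for x in range(m))
        if len(set(image)) == m:
            pp_count += 1
            perms.add(image)
        if not any(image):              # null polynomial: f(x) = 0 for every x
            null_count += 1
    return pp_count, null_count, len(perms)

if __name__ == "__main__":
    print("p=2, n=5:", ratio_pp(2, 5), "Theorem 9:", theorem9_formula(2))
    print("p=3, n=3..5:", [ratio_pp(3, n) for n in (3, 4, 5)], "Theorem 9:", theorem9_formula(3))
    print("p=3, n=4 bound (Theorem 10):", theorem10_bound(3, 4))
    print("p=3, d=2, n=3 (N_pp, N_np, permutations):", induced_permutations(3, 2, 3))
```

For $p = 3$ the enumeration gives $4/3^3$ and $4/3^4$ for $n = 3, 4$ and $16/3^5$ for $n = 5$, matching Example 2; the $n = 4$ value sits strictly below the Theorem 10 bound $8/81$, which is why the bound is an inequality.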

After getting the number of permutation polynomials of degree $\le n$ modulo $p^d$, one can easily calculate the number of distinct permutations induced by the permutation polynomials of degree $\le n$ modulo $p^d$, by using Lemma 20 and the results on null polynomials modulo $p^d$ given in [33]. We have the following theorem.

Theorem 12 Assume $p$ is a prime, $d \ge 1$ and $N_{np}(\le n, p^d)$ denotes the number of null polynomials of degree $\le n$ modulo $p^d$. Then, the number of distinct permutations induced by polynomials of degree $\le n$ modulo $p^d$ is $N_{pp}(\le n, p^d) / N_{np}(\le n, p^d)$.

Proof: It is obvious, since each polynomial has $N_{np}(\le n, p^d)$ equivalent polynomials by Lemma 20. ∎

Remark 4 Note that Corollary 4.1 of [36] gives a different proof of Theorem 9. However, [36] mainly focuses on the total number of non-equivalent polynomial functions of arbitrary degree modulo $p^d$ and does not study the case when the degree is also given. So, the results given in this paper are more complete.
5.4 Determining (Permutation) Polynomials from Induced Bijection

In this subsection, we study the problem of determining all equivalent polynomials when the induced polynomial function is (fully or partially) known. Note that the following results are also valid for polynomials that induce arbitrary polynomial functions (not necessarily bijections).

Following Lemma 20 and the results obtained in [33], once we get one permutation polynomial inducing the given bijection, we can determine all equivalent permutation polynomials. So, it is sufficient to derive only one equivalent polynomial as a seed.

Theorem 13 Assume $p$ is a prime, $d \ge 1$ and $f(x) = a_n x^n + \cdots + a_1 x + a_0$ is a polynomial of degree $n \le p - 1$ modulo $p^d$. Given $x_0, \cdots, x_n \in \mathbb{Z}$, if $\forall i, j \in \{0, \cdots, n\}$ and $i \ne j$, $x_i \not\equiv x_j \pmod p$, then $f(x)$ can be uniquely determined by solving the following system of congruences:
\[ \begin{pmatrix} 1 & x_0 & \cdots & x_0^n \\ 1 & x_1 & \cdots & x_1^n \\ \vdots & \vdots & & \vdots \\ 1 & x_n & \cdots & x_n^n \end{pmatrix} \begin{pmatrix} a_0 \\ a_1 \\ \vdots \\ a_n \end{pmatrix} \equiv \begin{pmatrix} f(x_0) \\ f(x_1) \\ \vdots \\ f(x_n) \end{pmatrix} \pmod{p^d} . \quad (3) \]

Proof: Denote the system of congruences by $A_x X_a \equiv B_f \pmod{p^d}$. Since $A_x$ is a Vandermonde matrix, $|A_x| = \prod_{0 \le i < j \le n} (x_j - x_i)$. From $x_i \not\equiv x_j \pmod p$, $\gcd(x_j - x_i, p) = 1$, so $\gcd(|A_x|, p^d) = 1$. Thus, the system of congruences has a unique set of incongruent solutions and this theorem is proved. ∎

Remark 5 When $n = p - 1$, it is obvious that $x_0, \cdots, x_n$ form a complete system of residues modulo $p$. When $n < p - 1$, $x_0, \cdots, x_n$ form an incomplete system of residues modulo $p$. The simplest choice of the $n + 1$ values is $\{x_i = i\}_{i=0}^{n} = \{0, \cdots, n\}$.

Corollary 12 Assume $p$ is a prime, $d \ge 1$ and $f(x) = a_n x^n + \cdots + a_1 x$ is a polynomial of degree $n \le p - 1$ modulo $p^d$. Given $x_1, \cdots, x_n \not\equiv 0 \pmod p$, if $\forall i, j \in \{1, \cdots, n\}$ and $i \ne j$, $x_i \not\equiv x_j \pmod p$, then $f(x)$ can be uniquely determined by solving the following system of congruences:
\[ \begin{pmatrix} x_1 & x_1^2 & \cdots & x_1^n \\ \vdots & \vdots & & \vdots \\ x_n & x_n^2 & \cdots & x_n^n \end{pmatrix} \begin{pmatrix} a_1 \\ \vdots \\ a_n \end{pmatrix} \equiv \begin{pmatrix} f(x_1) \\ \vdots \\ f(x_n) \end{pmatrix} \pmod{p^d} . \quad (4) \]

Proof: This corollary is a special case of Theorem 13. For $i = 1 \sim n$, factoring $x_i$ out of row $i$ of the matrix, one immediately has $|A| = \prod_{i=1}^{n} x_i \prod_{1 \le i < j \le n} (x_j - x_i)$. From the conditions on $\{x_i\}_{i=1}^{n}$, $|A|$ is relatively prime to $p$, and the system of congruences has a unique set of incongruent solutions; thus this corollary is proved. ∎

When $n \ge p$ or the value of $n$ is unknown, the above method cannot be directly used to determine polynomials that induce the given polynomial function. If we can find a way to reduce the degree of the polynomials, then the above method can be employed to determine the coefficients. In the following, we give a way to achieve this task.

Lemma 25 Assume $p$ is a prime and $2 \le d \le p$. If $f(x) = a_n x^n + \cdots + a_1 x + a_0$ is a polynomial of degree $n \le pd - 1$ modulo $p^d$, then all its equivalent polynomials of degree $\le pd - 1$ modulo $p^d$ can be determined from the induced polynomial function over $\{0, \cdots, p^d - 1\}$.

Proof: Choosing $x = p y_1 + b_0$, i.e., $y_1 = \lfloor x/p \rfloor$ and $b_0 = (x \bmod p) \in \{0, \cdots, p-1\}$, we have $p$ sub-polynomials:
\[ f_{b_0}(y_1) = \begin{cases} \sum_{k=0}^{n} a_k p^k y_1^k, & \text{when } b_0 = 0, \\ \sum_{k=0}^{n} a_k \left( \sum_{j=0}^{k} \binom{k}{j} p^j y_1^j b_0^{k-j} \right), & \text{when } b_0 \in \{1, \cdots, p-1\}. \end{cases} \]
Apparently, they have a uniform form: $f_{b_0}(y_1) = \sum_{k=0}^{n} p^k a_k^{(b_0)} y_1^k$, where $a_k^{(0)} = a_k$ and $a_k^{(b_0)} = \sum_{j=k}^{n} \binom{j}{k} b_0^{j-k} a_j$ when $b_0 \in \{1, \cdots, p-1\}$. Note that $f_{b_0}(y_1) \equiv \hat{f}_{b_0}(y_1) = \sum_{k=0}^{d-1} p^k a_k^{(b_0)} y_1^k \pmod{p^d}$, so we can focus on $\hat{f}_{b_0}(y_1)$ only. Since $d \le p$, each sub-polynomial $\hat{f}_{b_0}(y_1)$ is of degree less than $p$ modulo $p^d$, so all its coefficients can be uniquely solved modulo $p^d$ by Theorem 13, i.e., the value of each $a_k^{(b_0)}$ can be uniquely solved modulo $p^{d-k}$. It is obvious that the $p^k$ distinct valid values of $a_k^{(b_0)}$ modulo $p^d$ are equivalent for $f_{b_0}(y_1)$ and so equivalent for $f(x)$.

For each set of valid values of all the coefficients modulo $p^d$, one has a system of congruences in the form $A X_a \equiv B \pmod{p^d}$:
\[ \begin{pmatrix} A_0 \\ A_1 \\ \vdots \\ A_{p-1} \end{pmatrix} \begin{pmatrix} a_0 \\ a_1 \\ \vdots \\ a_{pd-1} \end{pmatrix} \equiv \begin{pmatrix} B_0 \\ B_1 \\ \vdots \\ B_{p-1} \end{pmatrix} \pmod{p^d}, \quad (5) \]
where $A_0 = \begin{pmatrix} I_{d \times d} & 0_{d \times d(p-1)} \end{pmatrix}_{d \times pd}$, for $b_0 = 1 \sim p - 1$
\[ A_{b_0} = \begin{pmatrix} 1 & b_0 & b_0^2 & \cdots & b_0^{pd-1} \\ 0 & 1 & 2 b_0 & \cdots & (pd-1) b_0^{pd-2} \\ \vdots & & \ddots & & \vdots \\ 0 & \cdots & \binom{d-1}{d-1} & \cdots & \binom{pd-1}{d-1} b_0^{pd-d} \end{pmatrix}_{d \times pd}, \]
whose entry in row $k$ and column $j$ ($0 \le k \le d-1$, $0 \le j \le pd-1$) is $\binom{j}{k} b_0^{j-k}$ for $j \ge k$ and $0$ otherwise, and for $b_0 = 0 \sim p-1$, $B_{b_0} = \big( a_0^{(b_0)}, a_1^{(b_0)}, \cdots, a_{d-1}^{(b_0)} \big)^{T}$.

From Lemma 24, one can see that $|A|$ is relatively prime to $p$. Thus, for each valid set of values of the coefficients $\{a_k^{(b_0)}\}_{0 \le b_0 \le p-1,\; 0 \le k \le d-1}$, the above system of congruences has a unique set of solutions modulo $p^d$. One can easily verify that each set of solutions corresponds to an equivalent of the polynomial $f(x)$. Thus this lemma is proved. ∎
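As an added example that is not part of the paper, the following Python carries out both recovery procedures of this subsection on constructed inputs: Theorem 13's interpolation (Eq. (3)) for a polynomial of degree $n \le p-1$, and the Lemma 25 procedure (Eq. (5)) for $2 \le d \le p$, which first interpolates each sub-function $y_1 \mapsto f(p y_1 + b_0)$ and then solves the $pd \times pd$ system for $a_0, \cdots, a_{pd-1}$. The elimination routine, the function names and the sample polynomials are my own; the only property relied on is the one the proofs establish, that both determinants are units modulo $p^d$.

```python
# Added example (not from the paper): solving the congruence systems of Theorem 13
# (Eq. (3)) and Lemma 25 (Eq. (5)) to recover a polynomial modulo p^d from its
# induced function.  Gaussian elimination over Z/p^d Z works because both
# determinants are units there; nodes and sample polynomials are constructed.
from math import comb, gcd

def solve_mod(A, b, m):
    """Solve A x = b (mod m) for square A with det(A) coprime to m.
    Every column is pivoted on an entry that is a unit modulo m; such an entry
    exists at each step exactly because det(A) is a unit.  Raises ValueError
    if no unit pivot is available (the precondition was violated)."""
    n = len(A)
    M = [[A[i][j] % m for j in range(n)] + [b[i] % m] for i in range(n)]
    for col in range(n):
        piv = next((r for r in range(col, n) if gcd(M[r][col], m) == 1), None)
        if piv is None:
            raise ValueError("no unit pivot: determinant not coprime to modulus")
        M[col], M[piv] = M[piv], M[col]
        inv = pow(M[col][col], -1, m)
        M[col] = [v * inv % m for v in M[col]]
        for r in range(n):
            if r != col and M[r][col]:
                f = M[r][col]
                M[r] = [(vr - f * vc) % m for vr, vc in zip(M[r], M[col])]
    return [row[n] for row in M]

def poly_eval(coeffs, x, m):
    """coeffs[k] = a_k (constant term first); Horner's rule modulo m."""
    acc = 0
    for a in reversed(coeffs):
        acc = (acc * x + a) % m
    return acc

def interpolate(p, d, samples):
    """Theorem 13: recover a_0..a_n of a polynomial of degree n <= p-1 modulo p^d
    from n+1 pairs (x_i, f(x_i)) whose x_i are pairwise distinct modulo p."""
    m, n = p ** d, len(samples) - 1
    xs = [x for x, _ in samples]
    if n > p - 1:
        raise ValueError("degree must be at most p-1")
    if any((xs[i] - xs[j]) % p == 0 for i in range(n + 1) for j in range(i + 1, n + 1)):
        raise ValueError("sample points must be distinct modulo p")
    A = [[pow(x, k, m) for k in range(n + 1)] for x in xs]
    return solve_mod(A, [y for _, y in samples], m)

def from_function_table(p, d, table):
    """Lemma 25 (2 <= d <= p): given table[x] = f(x) for x in Z_{p^d}, return one
    polynomial of degree <= pd-1 inducing it.
    Step 1: for each b_0 the sub-function y_1 -> f(p*y_1 + b_0) is a polynomial of
    degree d-1 < p in y_1 modulo p^d, so Theorem 13 on y_1 = 0..d-1 yields its
    coefficients c_k = p^k a_k^{(b_0)}, i.e. a_k^{(b_0)} modulo p^{d-k}.
    Step 2: solve Eq. (5), whose rows encode a_k^{(b_0)} = sum_j C(j,k) b_0^{j-k} a_j."""
    if not 2 <= d <= p:
        raise ValueError("Lemma 25 needs 2 <= d <= p")
    m, size = p ** d, p * d
    rows, rhs = [], []
    for b0 in range(p):
        c = interpolate(p, d, [(y1, table[p * y1 + b0]) for y1 in range(d)])
        for k in range(d):
            if c[k] % p ** k:
                raise ValueError("table is not induced by a polynomial of degree <= pd-1")
            rows.append([comb(j, k) * pow(b0, j - k, m) % m if j >= k else 0
                         for j in range(size)])
            rhs.append(c[k] // p ** k)      # one lift of a_k^{(b_0)} modulo p^{d-k}
    return solve_mod(rows, rhs, m)

def demo(p=3, d=2, coeffs=(4, 7, 0, 2, 8, 5)):
    """Constructed: a degree-5 polynomial modulo 3^2 = 9 (pd - 1 = 5), reduced to its
    function table and rebuilt.  The rebuilt polynomial may differ from coeffs by a
    null polynomial, so the check compares induced functions, not coefficients."""
    m = p ** d
    table = [poly_eval(coeffs, x, m) for x in range(m)]
    g = from_function_table(p, d, table)
    return g, [poly_eval(g, x, m) for x in range(m)] == table

if __name__ == "__main__":
    print("Theorem 13:", interpolate(5, 3, [(x, poly_eval((7, 118, 3, 44), x, 125)) for x in range(4)]))
    print("Lemma 25, p=3, d=2:", demo())
```

The `ValueError` branches make the theorems' preconditions visible: two sample points that coincide modulo $p$ leave no unit pivot, which is exactly the failure of $\gcd(|A_x|, p) = 1$ in the proof of Theorem 13.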



Remark 6 In fact, in the proof of the above lemma, we can also calculate the number of equivalent polynomials of $f(x)$ of degree $\le pd - 1$ modulo $p^d$. It is $p^{p(0 + 1 + \cdots + (d-1))} = p^{pd(d-1)/2}$. From Lemma 20, this number should be equal to the number of null polynomials of degree $\le pd - 1$ modulo $p^d$. Clearly, $p^{pd(d-1)/2}$ agrees with the results (Lemma 34 and Theorem 43) obtained in [33].

Corollary 13 Assume $p$ is a prime and $2 \le d \le p$. If $f(x) = a_n x^n + \cdots + a_1 x + a_0$ is a polynomial modulo $p^d$, then all its equivalent polynomials modulo $p^d$ can be determined from the induced polynomial function over $\{0, \cdots, p^d - 1\}$.

Proof: When $n \ge pd$, one can move $a_{pd}, \cdots, a_n$ to the right side of the matrix in the proof of the above lemma. Then $a_{pd}, \cdots, a_n$ become free variables, so each set of their values corresponds to $p^{pd(d-1)/2}$ equivalent polynomials modulo $p^d$. That is, in total we have $p^{d(n - pd + 1)} \cdot p^{pd(d-1)/2}$ equivalent polynomials. Thus this corollary is also true. ∎



Theorem 14 Assume $p$ is a prime and $d \ge 2$. If $f(x) = a_n x^n + \cdots + a_1 x + a_0$ is a polynomial modulo $p^d$, then all its equivalent polynomials modulo $p^d$ can be determined from the induced polynomial function over $\{0, \cdots, p^d - 1\}$.

Proof: We use induction on $d$ to prove this theorem. The case of $2 \le d \le p$ has been proved above. Let us prove the case of $d > p$ under the assumption that this theorem is true for any integer less than $d$.

Using the same way as in the proof of Lemma 25, we can get $p$ sub-polynomials $\hat{f}_{b_0}(y_1)$, which uniquely determine the induced bijection. Since the degree of $\hat{f}_{b_0}(y_1)$ modulo $p^d$ is not less than $p$, the coefficients cannot be uniquely solved, so let us further decompose each sub-polynomial in the same way.

At first, note that the value of $a_0^{(b_0)}$ modulo $p^d$ can always be uniquely solved by choosing $y_1 \equiv 0 \pmod{p^d}$. Then, for $b_0 \in \{1, \cdots, p-1\}$, subtracting $a_0^{(b_0)}$ from $\hat{f}_{b_0}(y_1)$, one has $\hat{f}_{b_0}(y_1) - a_0^{(b_0)} = p \left( \sum_{k=1}^{d-1} p^{k-1} a_k^{(b_0)} y_1^k \right) = p f^*_{b_0}(y_1)$. For $b_0 = 0$, one can make the similar operation to get $\hat{f}_0(y_1) - a_0^{(0)} = p \left( \sum_{k=1}^{d-1} p^{k-1} a_k y_1^k \right) = p f^*_0(y_1)$. Apparently, $\hat{f}_{b_0}(y_1)$ is uniquely determined by $a_0^{(b_0)}$ modulo $p^d$ and $f^*_{b_0}(y_1)$ modulo $p^{d-1}$. Applying the hypothesis to $f^*_{b_0}(y_1)$, all equivalent polynomials of $f^*_{b_0}(y_1)$ can be determined modulo $p^{d-1}$. Then, with each valid² equivalent polynomial of $f^*_{b_0}(y_1)$ and the value of $a_0^{(b_0)}$, one can further uniquely determine all coefficients of $f(x)$ modulo $p^d$ in the same way as given in the proof of Lemma 25. Thus this theorem is proved. ∎

The above theorem tells us that all equivalent polynomials that induce a given polynomial function modulo $p^d$ can be determined in a recursive manner. Considering that the complexity of solving Eq. (3) is $O(p^3)$ and the complexity of solving Eq. (5) is $O((pd)^3)$, the total complexity of deriving one equivalent polynomial via the recursive procedure is
\[ O\Big( (pd)^3 + (p(d-1))^3 p + \cdots + (p(d - (d-p)))^3 p^{d-p} + p^3 p^{d-p+1} \Big) . \quad (6) \]

In fact, this complexity can be further reduced, due to the existence of a power of $p$ in each coefficient (except $a_0^{(b_0)}$) of each sub-polynomial $\hat{f}_{b_0}(y_1)$, which makes more coefficients disappear as the value of $d$ decreases. In the following, let us study what happens when the sub-polynomials and their derivatives are further decomposed.

At first, let us see the decomposition of the $p$ sub-polynomials $\left\{ f^*_{b_0}(y_1) = \sum_{k=1}^{d-1} p^{k-1} a_k^{(b_0)} y_1^k \right\}_{b_0=0}^{p-1}$. Similarly, choosing $y_1 = p y_2 + b_1$, i.e., $y_2 = \lfloor y_1 / p \rfloor = \lfloor x / p^2 \rfloor$ and $b_1 = (y_1 \bmod p) \in \{0, \cdots, p-1\}$, we have $p^2$ sub-polynomials as follows: $\forall b_0, b_1 \in \{0, \cdots, p-1\}$,
\[ f^*_{b_0, b_1}(y_2) = \begin{cases} \sum_{k=1}^{d-1} p^{2k-1} a_k^{(b_0)} y_2^k, & \text{when } b_1 = 0, \\ \sum_{k=1}^{d-1} p^{k-1} a_k^{(b_0)} \left( \sum_{j=1}^{k} \binom{k}{j} b_1^{k-j} p^j y_2^j \right) + \sum_{k=1}^{d-1} p^{k-1} a_k^{(b_0)} b_1^k, & \text{when } b_1 \in \{1, \cdots, p-1\}. \end{cases} \]

The above polynomial can be rewritten in the following form:
\[ f^*_{b_0, b_1}(y_2) = \begin{cases} \sum_{k=1}^{d-1} p^{2k-1} a_k^{(b_1, b_0)} y_2^k, & \text{when } b_1 = 0, \\ \sum_{k=1}^{d-1} p^{2k-1} a_k^{(b_1, b_0)} y_2^k + a_0^{(b_1, b_0)}, & \text{when } b_1 \in \{1, \cdots, p-1\}, \end{cases} \]
where $a_k^{(0, b_0)} = a_k^{(b_0)}$, and $a_k^{(b_1, b_0)} = \sum_{j=k}^{d-1} p^{j-k} a_j^{(b_0)} \binom{j}{k} b_1^{j-k}$ for $1 \le k \le d-1$ and $1 \le b_1 \le p-1$, with the constant term $a_0^{(b_1, b_0)} = \sum_{j=1}^{d-1} p^{j-1} a_j^{(b_0)} b_1^j$. Then, solving $a_0^{(b_1, b_0)}$ and subtracting it from the involved polynomial, one gets $p^2$ polynomials modulo $p^{d-2}$ as follows:
\[ \left\{ f^{**}_{b_0, b_1}(y_2) = \sum_{k=1}^{d-1} p^{2(k-1)} a_k^{(b_1, b_0)} y_2^k \right\}_{0 \le b_0, b_1 \le p-1} . \]

Repeating the above procedure $i$ times, where $1 \le i \le d-2$, one gets $p^{i+1}$ polynomials modulo $p^{d-i}$: $\forall b_0, \cdots, b_i \in \{0, \cdots, p-1\}$,
\[ f^*_{b_0, \cdots, b_i}(y_{i+1}) = \begin{cases} \sum_{k=1}^{d-i} p^{i(k-1)+k} a_k^{(b_i, \cdots, b_0)} y_{i+1}^k, & \text{when } b_i = 0, \\ \sum_{k=1}^{d-i} p^{i(k-1)+k} a_k^{(b_i, \cdots, b_0)} y_{i+1}^k + a_0^{(b_i, \cdots, b_0)}, & \text{when } b_i \in \{1, \cdots, p-1\}, \end{cases} \]
and $p^{i+1}$ polynomials modulo $p^{d-i-1}$:
\[ \left\{ f^{**}_{b_0, \cdots, b_i}(y_{i+1}) = \sum_{k=1}^{d-i-1} p^{(i+1)(k-1)} a_k^{(b_i, \cdots, b_0)} y_{i+1}^k \right\}_{0 \le b_0, \cdots, b_i \le p-1} , \]
where $y_{i+1} = \lfloor y_i / p \rfloor = \lfloor x / p^{i+1} \rfloor$ and $b_i = (y_i \bmod p) \in \{0, \cdots, p-1\}$. Observing the above polynomials, one can see that some higher coefficients disappear modulo $p^{d-i}$ or modulo $p^{d-i-1}$ due to the existence of powers of $p$.

²Note that not all equivalent polynomials of $f^*_{b_0}(y_1)$ are valid, due to the existence of some power of $p$ in each coefficient.
Assume $p^{i(k-1)+k} \ge p^{d-i}$, or equivalently $p^{(i+1)(k-1)} \ge p^{d-i-1}$; then one has $k \ge \frac{d}{i+1}$, so $a_k^{(b_i, \cdots, b_0)}$ is valid only when $k \le \lceil \frac{d}{i+1} \rceil - 1$. When $i \ge \frac{d}{p} - 1$, one has $\frac{d}{i+1} \le p \Rightarrow \lceil \frac{d}{i+1} \rceil \le p \Rightarrow \lceil \frac{d}{i+1} \rceil - 1 \le p - 1$, so the coefficients of $f^{**}_{b_0, \cdots, b_i}$ can be uniquely determined. This means that the complexity of deriving one equivalent polynomial via the procedure is reduced to
\[ O\big( (pd)^3 + (p(d-1))^3 p + \cdots \big) , \]
which is much smaller than Eq. (6) when $d \gg p$.

Remark 7 From Theorem 13, solving the coefficients of a polynomial of degree $< p$ needs only $p$ input-output values of the polynomial function. This means that it is still possible to determine the polynomials if the induced polynomial function is only partially known. For polynomials of arbitrary degree modulo $p^d$, only … input-output values are needed. Note that the needed input-output values should satisfy a certain distribution modulo $p^d$, so the number of required input-output values will be larger if the values are observed in a random process.